Closed plovely closed 4 years ago
julesghub
commented
4 years ago I believe this is a permission error because /local/lfs1/data/plnk is not open to writes from the docker. The docker default user is jovyan and not your local machines user (plnk?)
Perhaps make /local/lfs1/data/plnk writable by all, ie.
chmod a+w -R /local/lfs1/data/plnk
This isn't an ideal solution but if it works we can come up with a better solution later.
plovely
commented
4 years ago Julian,
I will give this a try, but currently can't access the machine on which our admins installed Docker. I'll let you know when I do.
Note that for some reason the permissions error is unique to Underworld. I do not have the same issue in Badlands (badlandsmodel/badlands:latest) or a generic CentOS container that our admins installed. Perhaps the default user in those containers is handled differently?
Thanks.
plovely
commented
4 years ago Julian, yes, you are right, if I make the local folder mapped to the docker volume world writable, the permissions issue is resolved. It's not ideal because a) I don't want the folder world-writable and b) I can only modify or delete the files/folders created by docker from within the docker container, but it will work temporarily.
julesghub
commented
4 years ago Note that for some reason the permissions error is unique to Underworld. I do not have the same issue in Badlands (badlandsmodel/badlands:latest) or a generic CentOS container that our admins installed. Perhaps the default user in those containers is handled differently?
Yes that's right. Badlands and CentOS run as root user, Underworld and UWGeo run as jovyan user. Running as a non-root user is a more secure practice but can lead to permission difficulties as above e.g. read/writes to the the local filesystem.
Another way around this is to create a volume for "persistent" storage and copy files from the container to the local machine, as opposed to a direct mount to the local filesystem. This is cumbersome.
A better solution maybe to add the jovyan user id (1000) to a group on the local machine and allow that group access to /local/lfs1/data/plnk rather than all users.
rbeucher
commented
4 years ago I am closing this for now. Feel free to reopen if needed.
I'm trying to switch from Docker for Windows to Docker for Linux. In the latest version of UWGeo, volumes mounted in the Docker container are read-only. In an email exchange with Julian, he indicated that this was a bug in the previous release, and that it should be fixed in underworldcode/underworld2:2.9.1b (as well as future releases of UWGeo). However, I continue to encounter the same permission error in the UW2 container referenced above, as well as in underworldcode/underword2:dev). The screenshot below shows the command with which I launch docker (I have the same issue when running Jupyter notebooks) and the error.
Thanks, Pete