
'Permission denied' error for standalone-full.xml while creating custom image from official jboss/wildfly image

I am working to build a custom image derived from the official jboss/wildfly image.

It's working perfectly if I just add the .war file and run, but problems arise when I try to add a custom standalone-full.xml file.

This is my Dockerfile:

FROM jboss/wildfly:10.1.0.Final

COPY standalone-full.xml /opt/jboss/wildfly/standalone/configuration/standalone-full.xml

COPY sample.war /opt/jboss/wildfly/standalone/deployments/

CMD ["/opt/jboss/wildfly/bin/standalone.sh", "-c", "standalone-full.xml", "-b", "0.0.0.0", "-bmanagement", "0.0.0.0"]

This is my source directory:

link to screenshot of ls -la command inside the source directory

As recommended, I have given 755 permission to the standalone-full.xml file.

However, after building the image with the following command:

docker build -t sample-app .

and running the image as follows:

docker run -it -p 8080:8080 -p 80:80 -p 443:443 sample-app

I receive the following error:

13:18:06,274 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-1) MSC000001: Failed to start service jboss.undertow.listener.default: org.jboss.msc.service.StartException in service jboss.undertow.listener.default: WFLYUT0082: Could not start 'default' listener.
    at org.wildfly.extension.undertow.ListenerService.start(ListenerService.java:153)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948)
    at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:748)
Caused by: java.net.SocketException: Permission denied
    at sun.nio.ch.Net.bind0(Native Method)
    at sun.nio.ch.Net.bind(Net.java:433)
    at sun.nio.ch.Net.bind(Net.java:425)
    at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:223)
    at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:74)
    at org.xnio.nio.NioXnioWorker.createTcpConnectionServer(NioXnioWorker.java:190)
    at org.xnio.XnioWorker.createStreamConnectionServer(XnioWorker.java:243)
    at org.wildfly.extension.undertow.HttpListenerService.startListening(HttpListenerService.java:126)
    at org.wildfly.extension.undertow.ListenerService.start(ListenerService.java:142)

I exec'd into the running container to look at the file permissions of the standalone file:

link to screenshot of ls -la command inside the container's /opt/jboss/wildfly/standalone/configuration/ directory

I am able to get the app running if I change the user to root before running the CMD instruction, but that's not a good practice I think:

FROM jboss/wildfly:10.1.0.Final

COPY standalone-full.xml /opt/jboss/wildfly/standalone/configuration/standalone-full.xml

COPY sample.war /opt/jboss/wildfly/standalone/deployments/

USER root

CMD ["/opt/jboss/wildfly/bin/standalone.sh", "-c", "standalone-full.xml", "-b", "0.0.0.0", "-bmanagement", "0.0.0.0"]

How do I correctly set the permissions of the standalone file so that I can run the application with the 'jboss' user?

I also tried changing the permissions within the Dockerfile as follows to match the permissions of other files:

FROM jboss/wildfly:10.1.0.Final

USER root

COPY standalone-full.xml /opt/jboss/wildfly/standalone/configuration/standalone-full.xml

RUN chown jboss:root /opt/jboss/wildfly/standalone/configuration/standalone-full.xml

USER jboss

COPY sample.war /opt/jboss/wildfly/standalone/deployments/

CMD ["/opt/jboss/wildfly/bin/standalone.sh", "-c", "standalone-full.xml", "-b", "0.0.0.0", "-bmanagement", "0.0.0.0"]

But the permissions don't get applied and I still get the same error. Can anyone please point me in the right direction as to where I am making a mistake?

I am using Docker version 17.06.0-ce and the overlay2 storage driver.

Akshay Elavia asked Jul 13 '17 13:07


1 Answer

You have configured your wildfly instance to listen on TCP/IP port numbers < 1024.

Ports 80 and 443 in fact.

Normally only the root user has permission to do this on any Unix-based operating system, including Linux.

Steve C answered Nov 18 '22 16:11
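
The check the answer implies can be run against standalone-full.xml before the image is built. The following is an added example, not code from the question or the answer: it lists every socket binding whose effective port is below 1024 and would therefore fail to bind for the jboss user. The sample XML is constructed and assumes WildFly's usual socket-binding-group layout with `${property:default}` expressions; the function names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: a fragment shaped like WildFly's socket-binding-group,
# with the http/https ports changed to 80/443 as the answer describes.
SAMPLE_CONFIG = """<server xmlns="urn:jboss:domain:4.2">
  <socket-binding-group name="standard-sockets" default-interface="public"
      port-offset="${jboss.socket.binding.port-offset:0}">
    <socket-binding name="management-http" interface="management"
        port="${jboss.management.http.port:9990}"/>
    <socket-binding name="http" port="${jboss.http.port:80}"/>
    <socket-binding name="https" port="443"/>
    <socket-binding name="txn-recovery-environment" port="4712"/>
  </socket-binding-group>
</server>"""

EXPR = re.compile(r"^\$\{[^:}]+:(\d+)\}$")  # matches ${property:default}

def resolve(value):
    """Return the integer for '443' or '${prop:443}', else None."""
    value = (value or "").strip()
    m = EXPR.match(value)
    if m:
        return int(m.group(1))
    return int(value) if value.isdigit() else None

def local(tag):
    """Strip the XML namespace so any urn:jboss:domain version matches."""
    return tag.rsplit("}", 1)[-1]

def privileged_bindings(xml_text, limit=1024):
    """List (name, effective_port) for listeners a non-root user cannot bind."""
    findings = []
    for group in ET.fromstring(xml_text).iter():
        if local(group.tag) != "socket-binding-group":
            continue
        offset = resolve(group.get("port-offset")) or 0
        for sb in group:
            port = resolve(sb.get("port"))
            if local(sb.tag) == "socket-binding" and port:  # skip unset and 0
                if port + offset < limit:
                    findings.append((sb.get("name"), port + offset))
    return findings

if __name__ == "__main__":
    for name, port in privileged_bindings(SAMPLE_CONFIG):
        print(f"{name}: port {port} needs root (or CAP_NET_BIND_SERVICE)")
```

If the listeners stay on unprivileged ports such as 8080 and 8443 inside the container, the image can keep running as the jboss user and the low host ports can be mapped when the container is started, for example with `-p 80:8080 -p 443:8443`.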