I have the following Dockerfile
FROM ubuntu:14.04
EXPOSE 8000
# Install nginx
RUN apt-get update -q \
&& apt-get install --no-install-recommends --no-install-suggests -y -q \
nginx \
&& rm -rf /var/lib/apt/lists/*
COPY ./nginx.conf /etc/nginx/
COPY ./index.html /usr/share/nginx/test/
RUN groupadd -r webgroup \
&& useradd -r -m -g webgroup webuser \
&& touch /run/nginx.pid \
&& chown -R webuser:webgroup /var/log/nginx /var/lib/nginx /run/nginx.pid
USER webuser
CMD nginx
When I run it I get Permission denied on /var/log/nginx
:
mikhails-mbp:test-docker-nginx mkuleshov$ docker run -p 8000:8000 mytest
nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied)
2016/10/02 17:02:51 [emerg] 5#0: open() "/var/log/nginx/access.log" failed (13: Permission denied)
If I get into the container with bash I see:
webuser@d190146a0e8d:/var/log/nginx$ ls -la
total 8
drwxr-x--- 2 webuser webgroup 4096 Jun 2 15:16 .
drwxrwxr-x 8 root syslog 4096 Oct 2 17:02 ..
How is it possible? During the above session I also cannot create files under that user.
Thing that helped: Removing the /var/log/nginx
and recreating it again. But I have no idea why this happens.
There is no SELinux.
Has anyone encountered anything like that or is there anything I'm doing wrong?
P.S. Here is docker info
if it can help
mikhails-mbp:test-docker-nginx mkuleshov$ docker info
Containers: 179
Running: 0
Paused: 0
Stopped: 179
Images: 901
Server Version: 1.11.2
Storage Driver: aufs
Root Dir: /mnt/sda1/var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 1109
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge null host
Kernel Version: 4.4.12-boot2docker
Operating System: Boot2Docker 1.11.2 (TCL 7.1); HEAD : a6645c3 - Wed Jun 1 22:59:51 UTC 2016
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.955 GiB
Name: default
ID: 3K5S:3QBN:BXGY:FASS:VG6P:D4CS:UXRK:GYXB:HJQG:SIQH:F6KQ:N4BN
Docker Root Dir: /mnt/sda1/var/lib/docker
Debug mode (client): false
Debug mode (server): true
File Descriptors: 15
Goroutines: 32
System Time: 2016-10-02T17:08:51.355144074Z
EventsListeners: 0
Username: mkuleshov
Registry: https://index.docker.io/v1/
Labels:
provider=virtualbox
P.P.S. Here is a test repo with configs for that case: https://github.com/aides/test-docker-nginx
If running elevated Docker commands does not fix the permission denied error, verify that your Docker Engine is running. Similar to running a docker command without the sudo command, a stopped Docker Engine triggers the permission denied error. How do you fix the error? By restarting your Docker engine.
Add User Permissions We need to give the nginx user permissions to several files. Our working directory on the docker container will be /app . We'll copy the source code from our local machine into that folder later. The nginx user needs permission for the WORKDIR and also for /var/cache/nginx (cache), /etc/nginx/conf.
Because: Only root processes can listen to ports below 1024. A webserver typically runs at port 80 and/or 443. That means it needs to be started as root.
Most likely adding your user into adm group will solve your issue.
Try sudo usermod -aG adm webuser
More details: https://askubuntu.com/questions/421684/cant-access-apache-error-logs
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With