运行 bash 脚本的 docker 入口点获得“权限被拒绝”
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/38882654/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
docker entrypoint running bash script gets "permission denied"
提问by Calvin Hu
I'm trying to dockerize my node.js app. When the container is built I want it to run a git cloneand then start the node server. Therefore I put these operations in a .sh script. And run the script as a single command in the ENTRYPOINT:
我正在尝试 dockerize 我的 node.js 应用程序。构建容器后,我希望它运行一个git clone然后启动节点服务器。因此我将这些操作放在一个 .sh 脚本中。并在 ENTRYPOINT 中将脚本作为单个命令运行:
FROM ubuntu:14.04
RUN apt-get update && apt-get install -y build-essential libssl-dev gcc curl npm git
#install gcc 4.9
RUN apt-get install -y software-properties-common python-software-properties
RUN add-apt-repository -y ppa:ubuntu-toolchain-r/test
RUN apt-get update
RUN apt-get install -y libstdc++-4.9-dev
#install newst nodejs
RUN curl -sL https://deb.nodesource.com/setup_4.x | sudo -E bash -
RUN apt-get install -y nodejs
RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app
ADD package.json /usr/src/app/
RUN npm install
ADD docker-entrypoint.sh /usr/src/app/
EXPOSE 8080
ENTRYPOINT ["/usr/src/app/docker-entrypoint.sh"]
My docker-entrypoint.sh looks like this:
我的 docker-entrypoint.sh 看起来像这样:
git clone git@<repo>.git
git add remote upstream git@<upstream_repo>.git
/usr/bin/node server.js
After building this image and run:
构建此映像并运行后:
docker run --env NODE_ENV=development -p 8080:8080 -t -i <image>
I'm getting:
我越来越:
docker: Error response from daemon: oci runtime error: exec: "/usr/src/app/docker-entrypoint.sh": permission denied.
I shell into the container and the permission of docker-entrypoint.sh is:
我shell进入容器,docker-entrypoint.sh的权限是:
-rw-r--r-- 1 root root 292 Aug 10 18:41 docker-entrypoint.sh
three questions:
三个问题:
Does my bash script have wrong syntax?
How do I change the permission of a bash file before adding it into an image?
What's the best way to run multiple git commands in entrypoint without using a bash script?
我的 bash 脚本是否有错误的语法?
如何在将 bash 文件添加到图像之前更改其权限?
在不使用 bash 脚本的情况下在入口点运行多个 git 命令的最佳方法是什么?
Thanks.
谢谢。
回答by Charles Duffy
"Permission denied" prevents your script from being invoked at all. Thus, the only syntax that could be possibly pertinent is that of the first line (the "shebang"), which should look like
#!/usr/bin/env bash, or#!/bin/bash, or similar depending on your target's filesystem layout.Most likely the filesystem permissions not being set to allow execute. It's also possible that the shebang references something that isn't executable, but this is farless likely.
Mooted by the ease of repairing the prior issues.
拒绝“权限”避免你的脚本被调用在所有。因此,唯一可能相关的语法是第一行(“shebang”)的语法,根据目标的文件系统布局,它应该看起来像
#!/usr/bin/env bash、 或#!/bin/bash或类似的。很可能文件系统权限未设置为允许执行。shebang 也有可能引用不可执行的内容,但这种可能性要小得多。
由修复先前问题的难易引起。
The simple reading of
的简单阅读
docker: Error response from daemon: oci runtime error: exec: "/usr/src/app/docker-entrypoint.sh": permission denied.
...is that the script isn't marked executable.
...是该脚本未标记为可执行文件。
RUN ["chmod", "+x", "/usr/src/app/docker-entrypoint.sh"]
will address this within the container. Alternately, you can ensure that the local copy referenced by the Dockerfile is executable, and then use COPY(which is explicitly documented to retain metadata).
将在容器内解决这个问题。或者,您可以确保 Dockerfile 引用的本地副本是可执行的,然后使用COPY(明确记录以保留元数据)。
回答by Sami Start
An executable file needs to have permissions for execute set before you can execute it.
可执行文件需要有执行权限才能执行。
In your machine where you are building the docker image (not inside the docker image itself) try running:
在您构建 docker 镜像的机器上(不在 docker 镜像内部)尝试运行:
ls -la path/to/directory
The first column of the output for your executable (in this case docker-entrypoint.sh) should have the executable bits set something like:
可执行文件输出的第一列(在本例中为 docker-entrypoint.sh)应该将可执行位设置为:
-rwxrwxr-x
If not then try:
如果没有,请尝试:
chmod +x docker-entrypoint.sh
and then build your docker image again.
然后再次构建您的 docker 镜像。
Docker uses it's own file system but it copies everything over (including permissions bits) from the source directories.
Docker 使用它自己的文件系统,但它从源目录复制所有内容(包括权限位)。
回答by Saurabhcdt
I faced same issue & it resolved by
我遇到了同样的问题,它解决了
ENTRYPOINT ["sh", "/docker-entrypoint.sh"]
For the Dockerfile in the original question it should be like:
对于原始问题中的 Dockerfile,它应该是这样的:
ENTRYPOINT ["sh", "/usr/src/app/docker-entrypoint.sh"]
回答by BradChesney79
This is an old question asked two years prior to my answer, I am going to post what worked for me anyways.
这是一个在我回答前两年提出的老问题,无论如何我都会发布对我有用的内容。
In my working directory I have two files: Dockerfile & provision.sh
在我的工作目录中,我有两个文件:Dockerfile 和 provision.sh
Dockerfile:
Dockerfile:
FROM centos:6.8
# put the script in the /root directory of the container
COPY provision.sh /root
# execute the script inside the container
RUN /root/provision.sh
EXPOSE 80
# Default command
CMD ["/bin/bash"]
provision.sh:
提供.sh:
#!/usr/bin/env bash
yum upgrade
I was able to make the file in the docker container executable by setting the file outside the container as executable chmod 700 provision.shthen running docker build ..
通过将容器外的文件设置为可执行文件chmod 700 provision.sh然后运行docker build ..
回答by betontalpfa
If you do notuse DockerFile, you can simply add permission as command line argument of the bash:
如果你不使用 DockerFile,你可以简单地添加权限作为 bash 的命令行参数:
docker run -t <image> /bin/bash -c "chmod +x /usr/src/app/docker-entrypoint.sh; /usr/src/app/docker-entrypoint.sh"
