I'm trying to access docker running on my host from a user within a container. I'm attempting to do this by mapping the socket on my host to the container volume docker run -it -v /var/run/docker.sock:/var/run/docker.sock myimage bash
on my host ls -l on /var/run/docker.sock shows that the owner is my normal host user (not root), but when I look in the container, it's owned by root. Consequently I get "permission denied" when trying to connect to docker within the container. Here is a sample image
FROM ubuntu:latest
USER root
RUN apt-get update -y && apt-get upgrade -y \
&& apt-get install -y python python-dev python3.6 python-pip
virtualenv libssl-dev libpq-dev git build-essential libfontconfig1
libfontconfig1-dev
RUN pip install setuptools docker
RUN useradd -ms /bin/bash -d /usr/local/myuser myuser
RUN chown -R myuser: /usr/local/myuser
USER myuser
build the image
docker build -t myimage .
start a bash shell
docker run -it -v /var/run/docker.sock:/var/run/docker.sock myimage bash
try for example to connect via python
python -c "import docker; c = docker.from_env(); c.containers.list()
gives a permission denied error.
How can I map the correct permissions of the volume (and why do they change when I map the volume)? And is it possible to do this in the Dockerfile or in the run command (eg my actual application is using docker-compose).
I've tried creating a docker group in my dockerfile and adding myuser to the group but this does not seem to work, i'm not sure why but possibly because I'm on a mac and installed docker using the gui installer
Simple change UID of the user,
RUN useradd -ms /bin/bash -d /usr/local/myuser -u ${UID} myuser
where UID can be taken via
id
in terminal
Related
Jenkins docker.sock is not working.
I've already tried everything.
But i still get my error.
01:22:44 + docker ps
01:22:44 Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.40/containers/json: dial unix /var/run/docker.sock: connect: permission denied
This error disappears only when i run jenkins container as ROOT.
THIS IS WORKS FINE:
USER root
# prerequisites for docker
RUN apt-get update \
&& apt-get -y install \
apt-transport-https \
ca-certificates \
curl \
software-properties-common
# docker repos
RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - \
&& echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable" >> /etc/apt/sources.list.d/additional-repositories.list \
&& echo "deb http://ftp-stud.hs-esslingen.de/ubuntu xenial main restricted universe multiverse" >> /etc/apt/sources.list.d/official-package-repositories.list \
&& apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 437D05B5 \
&& apt-get update
# docker
RUN apt-get -y install docker-ce
# docker-compose
RUN curl -L https://github.com/docker/compose/releases/download/1.16.1/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose \
&& chmod +x /usr/local/bin/docker-compose
# give jenkins docker rights
RUN usermod -aG docker jenkins
but when i add this to Dockerfile (using jenkins user instead of root)
# give jenkins docker rights
RUN usermod -aG docker jenkins
USER jenkins
i get permission denied error.
I already tried this too:
newgrp docker
Not working
What i'm doing wrong?
My host OS is MacOS
It's okay to run jenkins as root or not?
It's my first Docker image, I put there my own bash script. This script uses the whois command. After docker runs my script, I have some errors. Probably I made mistake on my dockerfile. Script works well on my ubuntu.
Should I add the /etc/services file to my image?
Dockerfile:
FROM ubuntu
ADD ./ip_info /usr/src/ip_info
ADD ./ip_info /bin/ip_info
RUN apt-get update && apt-get -y install whois
RUN chmod +x /usr/src/ip_info
CMD ["/usr/src/ip_info"]
error:
getaddrinfo(whois.ripe.net): Servname not supported for ai_socktype
I fixed it by
RUN apt-get update && apt-get install -y --no-install-recommends ntp
to dockerfile.
I have created a Dockerfile in my file structure, built a docker repository, and tried to run it, but I keep getting the following error:
Error response from daemon: repository not found, does not exist, or no pull access.
I'm pretty new to docker, so what could possibly be wrong here?
Commands I run:
docker build -t repoName .
docker run -d -p 8080:80 repoName
My Dockerfile:
FROM nginx:1.10.3
RUN mkdir /app
WORKDIR /app
# Setup enviromnet
RUN apt-get update
RUN apt-get install -y curl tar
RUN curl -sL https://deb.nodesource.com/setup_6.x | bash -
RUN apt-get install -y nodejs
# Do some building and copying
EXPOSE 80
CMD ["/bin/sh", "/app/run-dockerized.sh"]
I'm trying to play with Facebook's HHVM on my lovely Windows, but since it isn't supported yet I'm trying Docker.
Pretty simple. I have only these two files on the same directory in path /c/apache/htdocs/hello-hhvm
Dockerfile
FROM ubuntu:wily
RUN apt-get -y install software-properties-common
RUN apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0x5a16e7281be7a449
RUN add-apt-repository "deb http://dl.hhvm.com/ubuntu $(lsb_release -sc) main"
RUN apt-get -y update
RUN apt-get -y install hhvm
VOLUME /app
WORKDIR /app
hello.php
<?hh echo 'its me';
Then I build the image:
docker build -t hhvm .
And run the container trying to mount the volume /app:
docker run --rm -it -v /c/apache/htdocs/hello-hhvm:/app hhvm bash
I successfully start a bash session on the container already in the /app directory BUUUUT there is no hello.php neither Dockerfile in there.
What I'm doing wrong?
Thanks.
I have the following docker file that I am attempting to use to build a Ubuntu image with mono.
FROM ubuntu:14.04
MAINTAINER John Smith <John.Smith#gmail.com>
RUN sudo apt-get update
RUN sudo /bin/bash -l -c apt-get install wget
RUN sudo /bin/bash -l -c apt-get http://download.mono-project.com/repo/xamarin.gpg
RUN sudo apt-key add xamarin.gpg
RUN sudo echo "deb http://download.mono-project.com/repo/debian wheezy main" > /etc/apt/sources.list.d/mono-xamarin.list
RUN sudo apt-get update
RUN sudo apt-get install mono-complete
When I run the following docker build command...
docker build -t="test/mono" .
It fails building and gives the following errors message:
gpg:can't open 'xamaring.gpg': No such file or directory.
2015/05/27 16:11:01 The command [/bin/bash -c sudo apt-key add xamarin.gpg] returned a non-zero code: 2
Anything obviously wrong sticking out?
It looks like you forgot to use wget instead of apt-get after you installed wget, so 'xamaring.gpg' has not been downloaded and that's why it can't be found.
You need this:
/bin/bash -l -c "wget http://download.mono-project.com/repo/xamarin.gpg"
The is an example of this in docker's website:
Dockerizing MongoDB