
Cannot run docker container with non root user for mariadb image

Without a non-root user, the docker container that runs from the Dockerfile works fine, but when I add the user, I get the following error:

    Initializing database
    2019-07-17 21:28:05 0 [Warning] Can't create test file /var/lib/mysql/9e79cb48a1f0.lower-test
    2019-07-17 21:28:05 0 [ERROR] mysqld: Can't create/write to file '/var/lib/mysql/aria_log_control' (Errcode: 13 "Permission denied")
    2019-07-17 21:28:05 0 [ERROR] mysqld: Got error 'Can't create file' when trying to use aria control file '/var/lib/mysql/aria_log_control'
    2019-07-17 21:28:05 0 [ERROR] Plugin 'Aria' init function returned error.
    2019-07-17 21:28:05 0 [ERROR] Plugin 'Aria' registration as a STORAGE ENGINE failed.
    2019-07-17 21:28:05 0 [ERROR] InnoDB: Operating system error number 13 in a file operation.
    2019-07-17 21:28:05 0 [ERROR] InnoDB: The error means mysqld does not have the access rights to the directory.
    2019-07-17 21:28:05 0 [ERROR] InnoDB: Operating system error number 13 in a file operation.
    2019-07-17 21:28:05 0 [ERROR] InnoDB: The error means mysqld does not have the access rights to the directory.
    2019-07-17 21:28:05 0 [ERROR] InnoDB: Cannot open datafile './ibdata1'
    2019-07-17 21:28:05 0 [ERROR] InnoDB: Could not open or create the system tablespace. If you tried to add new data files to the system tablespace, and it failed here, you should now edit innodb_data_file_path in my.cnf back to what it was, and remove the new ibdata files InnoDB created in this failed attempt. InnoDB only wrote those files full of zeros, but did not yet use them in any way. But be careful: do not remove old data files which contain your precious data!

Dockerfile

    FROM mariadb:10.3.5

    RUN apt-get update && apt-get upgrade -y

    ENV MYSQL_USER=user1 \
        MYSQL_PASSWORD=pass5 \
        MYSQL_DATABASE=db \
        MYSQL_ROOT_PASSWORD=XXX

    RUN useradd -ms /bin/bash newuser
    USER newuser
    WORKDIR /home/newuser
    RUN sudo chown -R newuser:newuser /var/lib/mysql
    ADD . /home/newuser

I would like to see the container run as a non-root user.

If you look into the Dockerfile, they are already adding a non-root user in the Dockerfile, so why do you need another one?

    # add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
    RUN groupadd -r mysql && useradd -r -g mysql mysql

This step of yours is also ignored:

    RUN sudo chown -R newuser:newuser /var/lib/mysql


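But when it comes to the official docker entrypoint, it fails: they run the database initialization and other actions as the mysql user, so the new user is not allowed to access the following files, and the result is permission denied.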


If you really want to do this, you have to override the docker entrypoint, or possibly part of the Dockerfile. Here is the code from the official Dockerfile:

        rm -rf /var/lib/mysql; \
        mkdir -p /var/lib/mysql /var/run/mysqld; \
        chown -R mysql:mysql /var/lib/mysql /var/run/mysqld; \
    # ensure that /var/run/mysqld (used for socket and lock files) is writable regardless of the UID our mysqld instance ends up having at runtime
        chmod 777 /var/run/mysqld; \
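
As an added example (not part of the original question or answer), the shell function below lints a Dockerfile for the ordering problem discussed above: a root-only command such as `sudo chown` placed after `USER newuser`. The function names, the list of root-only commands and the abridged sample Dockerfile are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post: flag RUN steps that normally need
# root but appear after a USER instruction has switched to a non-root account.

# check_dockerfile FILE: prints "line:user:instruction" per finding and
# returns 1 if anything was flagged, 0 otherwise.
check_dockerfile() {
    awk '
        BEGIN { user = "root"; bad = 0 }
        /^[ \t]*#/ { next }                      # skip comment lines
        {
            if (buf == "") start = NR            # first line of an instruction
            cont = sub(/\\[ \t]*$/, " ")         # join backslash continuations
            buf = buf $0
            if (cont) next
            $0 = buf; buf = ""                   # re-split the joined instruction
        }
        # Track the account that later RUN steps execute as (drop any :group).
        toupper($1) == "USER" { user = $2; sub(/:.*/, "", user); next }
        toupper($1) == "RUN" && user != "root" && user != "0" {
            # Heuristic list of root-only commands (an assumption of this example).
            if ($0 ~ /[ ;&|](sudo|chown|useradd|groupadd|apt-get)( |$)/) {
                printf "%d:%s:%s\n", start, user, $0
                bad = 1
            }
        }
        END { exit bad }
    ' "$1"
}

# Abridged copy of the Dockerfile from the question (ENV and apt-get lines omitted).
sample_dockerfile() {
    cat <<'EOF'
FROM mariadb:10.3.5
RUN useradd -ms /bin/bash newuser
USER newuser
WORKDIR /home/newuser
RUN sudo chown -R newuser:newuser /var/lib/mysql
ADD . /home/newuser
EOF
}
```

Run as `sample_dockerfile > Dockerfile.sample; check_dockerfile Dockerfile.sample`, it reports the `chown` step on line 5 of the sample, while the earlier `useradd`, which still runs as root, is not flagged.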
