以下设置:
我是机器上的username
。我在docker
组,以便我可以运行docker,它安装在该机器上。
我拼命试图在这台机器上运行jupyter/datascience-notebook
,但问题是我无法安全存档,因为用户似乎没有对已安装目录的访问权限。
它应该像这样工作:
docker run -it --rm -p 8888:8888 -v ~/workspaces:/home/jovyan/work/ -e NB_UID=$(id -u) -e NB_GID=$(id -g) -e GRANT_SUDO=yes jupyter/datascience-notebook
但它没有,因为我没有sudo
权利。
$ docker run -it --rm -p 8888:8888 -v ~/workspaces:/home/jovyan/work/ -e NB_UID=$(id -u) -e NB_GID=$(id -g) -e GRANT_SUDO=yes jupyter/datascience-notebook
Container must be run as root to set $NB_UID
Container must be run as root to set $NB_GID
Container must be run as root to grant sudo permissions
我打算玩Dockerfile
,所以我开始写这个:
FROM jupyter/datascience-notebook
# Use user root
USER root
RUN ls -la ~/
RUN chown -R jovyan:users ~/.local
RUN chmod -R 1777 ~/.local
RUN ls -la ~/
这就是为什么:下面这个小帮助脚本应该创建图像test-image
并在之后运行它。
#!/usr/bin/env python
import os
import subprocess
from notebook.auth import passwd
cmd = 'docker run -it --rm -p 8888:8888 ' \
'-v ~/workspaces:/home/jovyan/work ' \
'-v ~/datasets:/home/jovyan/data ' \
'-e NB_UID=$(id -u) -e NB_GID=$(id -g) -e GRANT_SUDO=yes ' \
'test-image start.sh jupyter lab ' \
'--NotebookApp.token=\'\' '
print('Running {}'.format(cmd))
subprocess.call('docker build --rm -t test-image .', shell=True)
subprocess.call(cmd, shell=True)
由于不理解的原因,我得到以下输出:
...
Step 14/16 : RUN ls -la ~/
---> Running in ef30926edc1a
total 44
drwsrwsr-x 12 jovyan users 4096 Feb 22 12:59 .
drwxr-xr-x 12 root root 4096 Feb 22 12:59 ..
-rw-rw-r-- 1 jovyan users 220 Aug 31 2015 .bash_logout
-rw-rw-r-- 1 jovyan users 3771 Aug 31 2015 .bashrc
drwsrwsr-x 3 jovyan users 4096 Feb 20 11:41 .cache
drwsrwsr-x 3 jovyan users 4096 Feb 20 09:29 .conda
drwsrwsr-x 3 jovyan users 4096 Feb 20 11:41 .config
drwxrwsrwt 11 jovyan users 4096 Feb 22 12:59 .local
-rw-rw-r-- 1 jovyan users 655 May 16 2017 .profile
drwsrwsr-x 2 jovyan users 4096 Feb 20 09:28 work
drwsrwsr-x 3 jovyan users 4096 Feb 20 09:38 .yarn
---> 2de66bf593f3
Removing intermediate container ef30926edc1a
Step 15/16 : RUN ls -la ~/.local/share
...
Set username to: jovyan
usermod: no changes
Set jovyan UID to: 1006
Set jovyan GID to: 1006
Granting jovyan sudo access and appending /opt/conda/bin to sudo PATH
Executing the command: jupyter lab --NotebookApp.token=
Traceback (most recent call last):
File "/opt/conda/lib/python3.6/site-packages/traitlets/traitlets.py", line 528, in get
value = obj._trait_values[self.name]
KeyError: 'runtime_dir'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/conda/bin/jupyter-lab", line 6, in <module>
sys.exit(jupyterlab.labapp.main())
File "/opt/conda/lib/python3.6/site-packages/jupyter_core/application.py", line 266, in launch_instance
return super(JupyterApp, cls).launch_instance(argv=argv, **kwargs)
File "/opt/conda/lib/python3.6/site-packages/traitlets/config/application.py", line 657, in launch_instance
app.initialize(argv)
File "<decorator-gen-7>", line 2, in initialize
File "/opt/conda/lib/python3.6/site-packages/traitlets/config/application.py", line 87, in catch_config_error
return method(app, *args, **kwargs)
File "/opt/conda/lib/python3.6/site-packages/notebook/notebookapp.py", line 1366, in initialize
self.init_configurables()
File "/opt/conda/lib/python3.6/site-packages/notebook/notebookapp.py", line 1100, in init_configurables
connection_dir=self.runtime_dir,
File "/opt/conda/lib/python3.6/site-packages/traitlets/traitlets.py", line 556, in __get__
return self.get(obj, cls)
File "/opt/conda/lib/python3.6/site-packages/traitlets/traitlets.py", line 535, in get
value = self._validate(obj, dynamic_default())
File "/opt/conda/lib/python3.6/site-packages/jupyter_core/application.py", line 99, in _runtime_dir_default
ensure_dir_exists(rd, mode=0o700)
File "/opt/conda/lib/python3.6/site-packages/jupyter_core/utils/__init__.py", line 13, in ensure_dir_exists
os.makedirs(path, mode=mode)
File "/opt/conda/lib/python3.6/os.py", line 210, in makedirs
makedirs(head, mode, exist_ok)
File "/opt/conda/lib/python3.6/os.py", line 210, in makedirs
makedirs(head, mode, exist_ok)
File "/opt/conda/lib/python3.6/os.py", line 220, in makedirs
mkdir(name, mode)
PermissionError: [Errno 13] Permission denied: '/home/jovyan/.local/share'
那么我发现chmod -R 1777 ~/.local
会发生什么事情,因为我认为这可能会帮助我解决您在此输出结尾时看到的Permission denied
错误。
我不明白为什么这不起作用。我想要做的就是将现有目录挂载到我的docker容器中,并能够在那里写入文件。
答案 0 :(得分:0)
虽然使用--user运行Docker容器时出现错误,但是相应容器的Dockerimage没有
USER mynamehere
在其中。 USER root行不是一个好主意,如果您想要一个专用用户,则需要使用另一个用户名(只要不是root用户就无关紧要)。通过添加
可以映射此用户以适合您的本地uid / gui--user $(id -u):$(id -g)
到您的docker运行命令行。 之后,应使用主机用户名创建在附加卷中创建的新文件。
注意:我建议通过在USER mynamehere行之前添加此权限,在Dockerfile中为用户mynamehere赋予sudo权限:
RUN apt-get update && apt-get install sudo && \
adduser --disabled-password --gecos "" udocker && \
adduser udocker sudo && echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers