我正在运行RedHat Enterprise Linux 7的服务器上运行Docker。我已经创建了一个具有CentOS基本映像的Dockerfile,并且正尝试使用useradd命令创建一个非root用户,如本Stackoverflow { {3}}。我的dockerfile如下所示(省略了一些行):
FROM centos:7
RUN yum install -y make \
&& yum install -y bc
RUN useradd -ms /bin/bash newuser
USER newuser
#Other commands that docker build does not reach
当我使用以下命令进行构建时:
docker build -t docker.io/user/myimage -f Dockerfile .运行先前的命令,但是当docker build到达RUN useradd命令时,我得到以下错误:
ApplyLayer exit status 1 stdout: stderr: remove /etc/passwd: permission denied
docker info的输出如下:
Server Version: 1.13.1
Storage Driver: devicemapper
Pool Name: docker-253:2-4300033608-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 712.9 MB
Data Space Total: 107.4 GB
Data Space Available: 106.7 GB
Metadata Space Used: 18.08 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.129 GB
Thin Pool Minimum Free Space: 10.74 GB
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.149-RHEL7 (2018-07-20)
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: (expected: aa8187dbd3b7ad67d8e5e3a15115d3eef43a7ed1)
runc version: df5c38a9167e87f53a9894d77c0950e178a745e7 (expected: 9df8b306d01f59d3a8029be411de015b7304dd8f)
init version: N/A (expected: 949e6facb77383876aeff8a6944dde66b3089574)
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-957.1.3.el7.x86_64
Operating System: Red Hat Enterprise Linux
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 80
Total Memory: 881.6 GiB
Name:
ID:
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Http Proxy: http://url:8080
Username: arahatdohmh
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Registries: docker.io (secure)
关于如何解决此问题的任何想法?