APK Docker无法锁定数据库:权限被拒绝

时间:2020-02-10 13:41:13

标签: linux docker apk

我在docker build上遇到以下错误

错误:无法锁定数据库:权限被拒绝 错误:无法打开apk数据库:权限被拒绝

奇怪的是,APK ADD的第一部分工作正常:

Step 31/41 : RUN apk add --no-cache         bash         ca-certificates         openjdk11-jre-headless         tzdata
     tini         xmlstarlet     && wget -O  /usr/local/bin/wait-for-it.sh       "https://raw.githubusercontent.com/vishnubob/wait-for-it/a454892f3c2ebbc22bd15e446415b8fcb7c1cfa4/wait-for-it.sh" --no-check-certificate     && chmod +x /usr/local/bin/wait-for-it.sh

但是第二部分没有:

Step 36/41 : RUN apk add openssh      && echo "root:Docker!" | chpasswd
 ---> Running in 5626e233c96d
ERROR: Unable to lock database: Permission denied
ERROR: Failed to open apk database: Permission denied

我的docker文件在下面

FROM alpine:3.10 as builder

ARG VERSION=7.12.0
ARG DISTRO=tomcat
ARG SNAPSHOT=true

ARG EE=false
ARG USER
ARG PASSWORD

RUN apk add --no-cache \
        ca-certificates \
        maven \
        tar \
        wget \
        xmlstarlet

COPY settings.xml download.sh camunda-tomcat.sh camunda-wildfly.sh  /tmp/

RUN /tmp/download.sh

#Enable Basic AUTH
COPY web.xml /camunda/webapps/engine-rest/WEB-INF/web.xml 

##### FINAL IMAGE #####

FROM alpine:3.10

ARG VERSION=7.12.0



ENV CAMUNDA_VERSION=${VERSION}
ENV DB_DRIVER=com.microsoft.sqlserver.jdbc.SQLServerDriver
ENV DB_URL=xxx
ENV DB_USERNAME=xx
ENV DB_PASSWORD=xx
ENV DB_CONN_MAXACTIVE=20
ENV DB_CONN_MINIDLE=5
ENV DB_CONN_MAXIDLE=20
ENV DB_VALIDATE_ON_BORROW=true
ENV DB_VALIDATION_QUERY="SELECT 1"
ENV SKIP_DB_CONFIG=
ENV WAIT_FOR=
ENV WAIT_FOR_TIMEOUT=120
ENV TZ=UTC
ENV DEBUG=TRUE
ENV JAVA_OPTS="-Xmx768m -XX:MaxMetaspaceSize=256m"

EXPOSE 8080 8000

# Downgrading wait-for-it is necessary until this PR is merged
# https://github.com/vishnubob/wait-for-it/pull/68
RUN apk add --no-cache \
        bash \
        ca-certificates \
        openjdk11-jre-headless \
        tzdata \
        tini \
        xmlstarlet \
    && wget -O  /usr/local/bin/wait-for-it.sh \
      "https://raw.githubusercontent.com/vishnubob/wait-for-it/a454892f3c2ebbc22bd15e446415b8fcb7c1cfa4/wait-for-it.sh" --no-check-certificate \
    && chmod +x /usr/local/bin/wait-for-it.sh

RUN addgroup -g 1000 -S camunda && \
    adduser -u 1000 -S camunda -G camunda -h /camunda -s /bin/bash -D camunda
WORKDIR /camunda
USER camunda

#MSSQL SERVER JDBC DRIVER INSTALL
COPY mssql-jdbc-7.2.2.jre11.jar /camunda/lib/

# ssh
RUN apk add openssh \
     && echo "root:Docker!" | chpasswd 

COPY sshd_config /etc/ssh/
EXPOSE 80 2222

# end ssh config

ENTRYPOINT ["/sbin/tini", "--"]
CMD "./camunda.sh" && "/usr/sbin/sshd"

COPY --chown=camunda:camunda --from=builder /camunda .

1 个答案:

答案 0 :(得分:1)

USER camunda
...
RUN apk add openssh

camunda用户无法安装apk软件包,但没有安装权限。切换用户之前,请安装所有软件包。或者稍后,根据您要做什么设置CMD之前切换用户。或添加sudo并将NOPASSWD awk添加到sudoers的{​​{1}}文件中,并用camunda完成。无论哪种方法-确保您具有运行sudo并遵循apk的权限。

相关问题
最新问题