APK Docker 无法锁定数据库:权限被拒绝
APK Docker Unable to lock database: Permission denied
我在 docker build
上有以下错误
错误:无法锁定数据库:权限被拒绝
错误:无法打开 apk 数据库:权限被拒绝
奇怪的是 APK ADD 的第一部分工作正常:
Step 31/41 : RUN apk add --no-cache bash ca-certificates openjdk11-jre-headless tzdata
tini xmlstarlet && wget -O /usr/local/bin/wait-for-it.sh "https://raw.githubusercontent.com/vishnubob/wait-for-it/a454892f3c2ebbc22bd15e446415b8fcb7c1cfa4/wait-for-it.sh" --no-check-certificate && chmod +x /usr/local/bin/wait-for-it.sh
但第二部分没有:
Step 36/41 : RUN apk add openssh && echo "root:Docker!" | chpasswd
---> Running in 5626e233c96d
ERROR: Unable to lock database: Permission denied
ERROR: Failed to open apk database: Permission denied
我的docker文件在下面
FROM alpine:3.10 as builder
ARG VERSION=7.12.0
ARG DISTRO=tomcat
ARG SNAPSHOT=true
ARG EE=false
ARG USER
ARG PASSWORD
RUN apk add --no-cache \
ca-certificates \
maven \
tar \
wget \
xmlstarlet
COPY settings.xml download.sh camunda-tomcat.sh camunda-wildfly.sh /tmp/
RUN /tmp/download.sh
#Enable Basic AUTH
COPY web.xml /camunda/webapps/engine-rest/WEB-INF/web.xml
##### FINAL IMAGE #####
FROM alpine:3.10
ARG VERSION=7.12.0
ENV CAMUNDA_VERSION=${VERSION}
ENV DB_DRIVER=com.microsoft.sqlserver.jdbc.SQLServerDriver
ENV DB_URL=xxx
ENV DB_USERNAME=xx
ENV DB_PASSWORD=xx
ENV DB_CONN_MAXACTIVE=20
ENV DB_CONN_MINIDLE=5
ENV DB_CONN_MAXIDLE=20
ENV DB_VALIDATE_ON_BORROW=true
ENV DB_VALIDATION_QUERY="SELECT 1"
ENV SKIP_DB_CONFIG=
ENV WAIT_FOR=
ENV WAIT_FOR_TIMEOUT=120
ENV TZ=UTC
ENV DEBUG=TRUE
ENV JAVA_OPTS="-Xmx768m -XX:MaxMetaspaceSize=256m"
EXPOSE 8080 8000
# Downgrading wait-for-it is necessary until this PR is merged
# https://github.com/vishnubob/wait-for-it/pull/68
RUN apk add --no-cache \
bash \
ca-certificates \
openjdk11-jre-headless \
tzdata \
tini \
xmlstarlet \
&& wget -O /usr/local/bin/wait-for-it.sh \
"https://raw.githubusercontent.com/vishnubob/wait-for-it/a454892f3c2ebbc22bd15e446415b8fcb7c1cfa4/wait-for-it.sh" --no-check-certificate \
&& chmod +x /usr/local/bin/wait-for-it.sh
RUN addgroup -g 1000 -S camunda && \
adduser -u 1000 -S camunda -G camunda -h /camunda -s /bin/bash -D camunda
WORKDIR /camunda
USER camunda
#MSSQL SERVER JDBC DRIVER INSTALL
COPY mssql-jdbc-7.2.2.jre11.jar /camunda/lib/
# ssh
RUN apk add openssh \
&& echo "root:Docker!" | chpasswd
COPY sshd_config /etc/ssh/
EXPOSE 80 2222
# end ssh config
ENTRYPOINT ["/sbin/tini", "--"]
CMD "./camunda.sh" && "/usr/sbin/sshd"
COPY --chown=camunda:camunda --from=builder /camunda .
USER camunda
...
RUN apk add openssh
camunda 用户无法安装 apk 软件包,他没有这样做的权限。在切换用户之前安装所有包。或者稍后切换用户,就在设置 CMD 之前,具体取决于您要做什么。或者添加 sudo 并将 NOPASSWD awk 添加到 camunda 的 sudoers 文件中,然后使用 sudo 进行操作。无论哪种方式 - 确保您有权访问 运行 apk 并关注 chpassw.
我在 docker build
上有以下错误错误:无法锁定数据库:权限被拒绝 错误:无法打开 apk 数据库:权限被拒绝
奇怪的是 APK ADD 的第一部分工作正常:
Step 31/41 : RUN apk add --no-cache bash ca-certificates openjdk11-jre-headless tzdata
tini xmlstarlet && wget -O /usr/local/bin/wait-for-it.sh "https://raw.githubusercontent.com/vishnubob/wait-for-it/a454892f3c2ebbc22bd15e446415b8fcb7c1cfa4/wait-for-it.sh" --no-check-certificate && chmod +x /usr/local/bin/wait-for-it.sh
但第二部分没有:
Step 36/41 : RUN apk add openssh && echo "root:Docker!" | chpasswd
---> Running in 5626e233c96d
ERROR: Unable to lock database: Permission denied
ERROR: Failed to open apk database: Permission denied
我的docker文件在下面
FROM alpine:3.10 as builder
ARG VERSION=7.12.0
ARG DISTRO=tomcat
ARG SNAPSHOT=true
ARG EE=false
ARG USER
ARG PASSWORD
RUN apk add --no-cache \
ca-certificates \
maven \
tar \
wget \
xmlstarlet
COPY settings.xml download.sh camunda-tomcat.sh camunda-wildfly.sh /tmp/
RUN /tmp/download.sh
#Enable Basic AUTH
COPY web.xml /camunda/webapps/engine-rest/WEB-INF/web.xml
##### FINAL IMAGE #####
FROM alpine:3.10
ARG VERSION=7.12.0
ENV CAMUNDA_VERSION=${VERSION}
ENV DB_DRIVER=com.microsoft.sqlserver.jdbc.SQLServerDriver
ENV DB_URL=xxx
ENV DB_USERNAME=xx
ENV DB_PASSWORD=xx
ENV DB_CONN_MAXACTIVE=20
ENV DB_CONN_MINIDLE=5
ENV DB_CONN_MAXIDLE=20
ENV DB_VALIDATE_ON_BORROW=true
ENV DB_VALIDATION_QUERY="SELECT 1"
ENV SKIP_DB_CONFIG=
ENV WAIT_FOR=
ENV WAIT_FOR_TIMEOUT=120
ENV TZ=UTC
ENV DEBUG=TRUE
ENV JAVA_OPTS="-Xmx768m -XX:MaxMetaspaceSize=256m"
EXPOSE 8080 8000
# Downgrading wait-for-it is necessary until this PR is merged
# https://github.com/vishnubob/wait-for-it/pull/68
RUN apk add --no-cache \
bash \
ca-certificates \
openjdk11-jre-headless \
tzdata \
tini \
xmlstarlet \
&& wget -O /usr/local/bin/wait-for-it.sh \
"https://raw.githubusercontent.com/vishnubob/wait-for-it/a454892f3c2ebbc22bd15e446415b8fcb7c1cfa4/wait-for-it.sh" --no-check-certificate \
&& chmod +x /usr/local/bin/wait-for-it.sh
RUN addgroup -g 1000 -S camunda && \
adduser -u 1000 -S camunda -G camunda -h /camunda -s /bin/bash -D camunda
WORKDIR /camunda
USER camunda
#MSSQL SERVER JDBC DRIVER INSTALL
COPY mssql-jdbc-7.2.2.jre11.jar /camunda/lib/
# ssh
RUN apk add openssh \
&& echo "root:Docker!" | chpasswd
COPY sshd_config /etc/ssh/
EXPOSE 80 2222
# end ssh config
ENTRYPOINT ["/sbin/tini", "--"]
CMD "./camunda.sh" && "/usr/sbin/sshd"
COPY --chown=camunda:camunda --from=builder /camunda .
USER camunda
...
RUN apk add openssh
camunda 用户无法安装 apk 软件包,他没有这样做的权限。在切换用户之前安装所有包。或者稍后切换用户,就在设置 CMD 之前,具体取决于您要做什么。或者添加 sudo 并将 NOPASSWD awk 添加到 camunda 的 sudoers 文件中,然后使用 sudo 进行操作。无论哪种方式 - 确保您有权访问 运行 apk 并关注 chpassw.