Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Docker mode failed to start server with permission denied errors #212

Closed
robbine opened this issue Apr 19, 2022 · 9 comments
Closed

Docker mode failed to start server with permission denied errors #212

robbine opened this issue Apr 19, 2022 · 9 comments

Comments

@robbine
Copy link

robbine commented Apr 19, 2022

Here is my Dockerfile, I only added some db configs and then run with command docker run -it -p 8000:80 --name imagetagger imagetagger.

FROM docker.io/debian:buster-slim

# install imagetagger system dependencies
RUN apt-get update && \
        apt-get install --no-install-recommends -y g++ wget uwsgi-plugin-python3 python3 python3-pip node-uglify make git \
            python3-psycopg2 python3-ldap3 python3-pkg-resources gettext gcc python3-dev python3-setuptools libldap2-dev \
            libsasl2-dev nginx

# add requirements file
WORKDIR /app/src
COPY imagetagger/requirements.txt /app/src/requirements.txt

# install python dependencies
RUN pip3 install -r /app/src/requirements.txt
RUN     pip3 install sentry-sdk uwsgi django-ldapdb django-auth-ldap

# clean container
RUN apt-get purge -y --auto-remove node-uglify git python3-pip make gcc python3-dev libldap2-dev libsasl2-dev \
    python3-setuptools
RUN apt-get clean

# add remaining sources
COPY imagetagger /app/src/imagetagger

# configure imagetagger.settings_local to be importable but 3rd party providable
RUN mkdir -p /app/data /app/config/
RUN touch /app/config/settings.py
RUN ln -sf /app/config/settings.py /app/src/imagetagger/imagetagger/settings_local.py

# configure runtime environment
RUN sed -i 's/env python/env python3/g' /app/src/imagetagger/manage.py

ARG UID_WWW_DATA=5008
ARG GID_WWW_DATA=33
RUN usermod -u $UID_WWW_DATA -g $GID_WWW_DATA -d /app/data/ www-data
RUN chown -R www-data /app

COPY docker/uwsgi_imagetagger.ini /etc/uwsgi/imagetagger.ini
COPY docker/nginx.conf /etc/nginx/sites-enabled/default
COPY docker/update_points docker/zip_daemon docker/run /app/bin/
RUN ln -sf /app/bin/* /usr/local/bin
ENTRYPOINT ["/usr/local/bin/run"]
ENV IN_DOCKER=true
ENV DJANGO_CONFIGURATION=Prod
ENV IT_FS_URL=/app/data
ENV IT_STATIC_ROOT=/var/www/imagetagger
ENV IT_SECRET_KEY=123456
ENV IT_DB_HOST=172.31.243.122
ENV IT_DB_PASSWORD=123456
ENV IT_DB_PORT=5433
ENV IT_DB_USER=robine
ENV IT_ENABLE_ZIP_DOWNLOAD=True
ENV IT_ALLOWED_HOSTS=127.0.0.1,localhost
ENV IT_EMAIL_HOST=abc.com
ENV IT_DOWNLOAD_BASE_URL=localhost
# add image metadata
EXPOSE 3008
EXPOSE 8000
VOLUME /app/config
VOLUME /app/data
writing pidfile to /tmp/zipdaemon.pid
[uwsgi-daemons] spawning "/usr/local/bin/zip_daemon" (uid: 5008 gid: 33)
SystemCheckError: System check identified some issues:

ERRORS:
permission denied: Persistent root filesystem is incorrectly configured. Could not create and delete a temporary check file
        HINT: Check your FS_URL settings (currently /app/data)
Tue Apr 19 08:13:20 2022 - [uwsgi-cron] running "/usr/local/bin/update_points" (pid 60)
@timonegk
Copy link
Member

It looks like /app/data is not writable. Could you check the directory permissions?
You can run docker run -it -p 8000:80 --entrypoint /bin/bash imagetagger to get a shell and run ls -la /app/data there.

@robbine
Copy link
Author

robbine commented Apr 19, 2022

Here is the output of ls -la /app/data, I am not sure if the root role caused this problem.
root@23fa7b00a265:/app/src# ls -la /app/data
total 8
drwxr-xr-x 2 www-data root 4096 Apr 19 06:23 .
drwxr-xr-x 1 www-data root 4096 Apr 19 06:37 ..

@robbine
Copy link
Author

robbine commented Apr 19, 2022

I then tried to start server manually by running 'uwsgi /etc/uwsgi/imagetagger.ini' as root, everything goes well.
I'm a bit confused with it.

@timonegk
Copy link
Member

What if you run /usr/local/bin/run manually?

@robbine
Copy link
Author

robbine commented Apr 20, 2022

same error message by running /usr/local/bin/run manually.
and uwsgi /etc/uwsgi/imagetagger.ini failed either (yesterday it was ok).
Do I need to switch from release-v0.6 to master ?

[uwsgi-daemons] spawning "/usr/local/bin/zip_daemon" (uid: 5008 gid: 33)
SystemCheckError: System check identified some issues:

ERRORS:
permission denied: Persistent root filesystem is incorrectly configured. Could not create and delete a temporary check file
HINT: Check your FS_URL settings (currently /app/data)
Wed Apr 20 04:20:09 2022 - [uwsgi-cron] running "/usr/local/bin/update_points" (pid 247)
subprocess 241 exited with code 0

@robbine
Copy link
Author

robbine commented Apr 20, 2022

I tried to first delete both "/app/data/images" and "/app/data/tools" directories, and then manually run /use/local/bin/run , everything is back to normal. So what is the root cause ?

@robbine
Copy link
Author

robbine commented Apr 21, 2022

sorry to bring this issue up againt. I tried the following command so as to mapping '/app/data' to a specific folder.
docker run -it -p 8000:80 -v /data2/app_data:/app/data --name imagetagger imagetagger

The error pops up again.
writing pidfile to /tmp/zipdaemon.pid
[uwsgi-daemons] spawning "/usr/local/bin/zip_daemon" (uid: 5008 gid: 33)
SystemCheckError: System check identified some issues:

ERRORS:
permission denied: Persistent filesystem is incorrectly configured. Could not create and delete a temporary check file
HINT: Check your FS_URL settings (currently /app/data)
Thu Apr 21 11:57:20 2022 - [uwsgi-cron] running "/usr/local/bin/update_points" (pid 66)
[uwsgi-daemons] found changed pid for "/usr/local/bin/zip_daemon" (old_pid: 60 new_pid: 61)
subprocess 60 exited with code 0
SystemCheckError: System check identified some issues:

ERRORS:
permission denied: Persistent filesystem is incorrectly configured. Could not create and delete a temporary check file
HINT: Check your FS_URL settings (currently /app/data)
[uwsgi-cron] command "/usr/local/bin/update_points" running with pid 66 exited after 2 second(s)
Thu Apr 21 11:57:30 2022 - [uwsgi-daemons] "/usr/local/bin/zip_daemon" (pid: 61) did not daemonize !!!
Thu Apr 21 11:57:40 2022 - [uwsgi-daemons] "/usr/local/bin/zip_daemon" (pid: 61) did not daemonize !!!
Thu Apr 21 11:57:50 2022 - [uwsgi-daemons] "/usr/local/bin/zip_daemon" (pid: 61) did not daemonize !!!

@timonegk
Copy link
Member

Which commit are you on? Maybe I can reproduce your problem.

@robbine
Copy link
Author

robbine commented Apr 22, 2022

I added one line 'chown -R www-data /app ' in /usr/local/bin/run file, the problem is fixed.

@robbine robbine closed this as completed Apr 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants