Why does docker prompt Permission denied when backing up the data volume?
I just tried the commands you listed and they worked for me, both under an OSX platform and also a straight up linux platform. The thing is you are mounting $(pwd) (from your host) to /backup (in the ubuntu image, third docker run above).
I suspect that when you launch the command you are in a directory that is not writable? I tried to get it to fail like this:
mkdir failme
chmod 000 failme
cd failme
docker run --volumes-from dbdata -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
But, it worked :-)
So, I cd'ed into a directory that isn't writable by root:
cd /proc
root@kube:/proc# docker run --volumes-from dbdata -v $(pwd):/backup ubuntu tar cvf /backup/backup.tar /dbdata
tar: /backup/backup.tar: Cannot open: Permission denied
tar: Error is not recoverable: exiting now
Is it possible that you are starting from a directory that is not writable by root?
Please post the output to these commands: First, run:
docker run --name ins --volumes-from dbdata -v $(pwd):/backup ubuntu sleep 99999 &
(instead of the backup command command you have listed.)
then do an inspect and post those results:
docker inspect ins
And the answer turned out to be that it was the selinux causing the errors. The Original Poster found the answer:
setenforce 0
Why does docker container prompt Permission denied?
A permission denied within a container for a shared directory could be due to the fact that this shared directory is stored on a device. By default containers cannot access any devices. Adding the option $docker run --privileged
allows the container to access all devices and performs Kernel calls. This is not considered as secure.
A cleaner way to share device is to use the option docker run --device=/dev/sdb
(if /dev/sdb
is the device you want to share).
From the man page:
--device=[]
Add a host device to the container (e.g. --device=/dev/sdc:/dev/xvdc:rwm)
--privileged=true|false
Give extended privileges to this container. The default is false.
By default, Docker containers are “unprivileged” (=false) and cannot, for example, run a Docker daemon inside the Docker container. This is because by default a container is not allowed to access any devices. A “privileged” container is given access to all devices.
When the operator executes docker run --privileged, Docker will enable access to all devices on the host as well as set some configuration in AppArmor to allow the container nearly all the same access to the host as processes running outside of a container on the host.
How to fix docker: Got permission denied issue
If you want to run docker as non-root user then you need to add it to the docker group.
- Create the docker group if it does not exist
$ sudo groupadd docker
- Add your user to the docker group.
$ sudo usermod -aG docker $USER
- Log in to the new
docker
group (to avoid having to log out / log in again; but if not enough, try to reboot):
$ newgrp docker
- Check if docker can be run without root
$ docker run hello-world
Reboot if still got error
$ reboot
Warning
The docker group grants privileges equivalent to the root user. For details on how this impacts security in your system, see Docker Daemon Attack Surface..
Taken from the docker official documentation:
manage-docker-as-a-non-root-user
Failed to solve with frontend Dockerfile
The name of Docker files doesn't have any extension. It's just Dockerfile
with capital D
and lowercase f
.
You can also specify the Dockerfile name, such as docker build . -f Dockerfile.txt
if you'd like to name it something else.
Chown permission denied while Docker volume binding
sudo chown "$USER":"$USER" /home/"$USER"/.docker -R
sudo chmod g+rwx "$HOME/.docker" -R
Related Topics
How to Set Emacsclient Background as Emacs Background
How to Build an If Condition in Shell to Check Whether Curl Succeeded
Comparing Numbers in Bash Scripting
How to Autocomplete a Bash Commandline with File Paths
I.Mx35 Suspend CPU and Ddr2 from Iram
How to Enable Evp Functions in Openssl
How to Catch Stdout Stream in Ffmpeg Then Pipe It to V4L2Loopback
Question About File Seeking Position
How to Kill All Child Processes Without Killing the Parent
Calculate Mean of Each Column Ignoring Missing Data with Awk
Argument List Too Long When Concatenating Lots of Files in a Folder
How to Determine the Precise Set of Environment Variables a Systemd Environmentfile Would Set
How to Enable/Disable Kernel Kaslr, Smep and Smap
Interrupting Syscalls in Threads on Linux
Find Value from One CSV in Another One (Like Vlookup) in Bash (Linux)