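Problem description
I have a simple question about Docker. I am trying to run the openmicroscopy/apacheds container as root on a Linux host. I have my own config.ldif file, which is mapped at startup over the container's original config.ldif, following the instructions. But the container fails to run, and when I check the logs, the startup script is trying to change the owner of config.ldif to apacheds:apacheds, a user that only exists in the container. As far as I know, when I run a container without ever specifying a user, it uses root inside the container, which means root in the container tried to change the owner of config.ldif and failed. By the way, on the host, config.ldif belongs to root:root. I am confused. I have tried -u root and privileged = true; neither works. As far as I understand, this change-owner command should run, and inside the container the file should belong to apacheds:apacheds; if the apacheds user in the container has user ID 999, should the file on the host then belong to 999:999? Please help me if possible. Thank you very much.
Solution
The Dockerfile is: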
FROM ubuntu:16.04
MAINTAINER ome-devel@lists.openmicroscopy.org.uk
#############################################
# ApacheDS installation
#############################################
ENV APACHEDS_VERSION 2.0.0.AM26
ENV APACHEDS_ARCH amd64
ENV APACHEDS_ARCHIVE apacheds-${APACHEDS_VERSION}-${APACHEDS_ARCH}.deb
ENV APACHEDS_DATA /var/lib/apacheds
ENV APACHEDS_USER apacheds
ENV APACHEDS_GROUP apacheds
RUN ln -s ${APACHEDS_DATA}-${APACHEDS_VERSION} ${APACHEDS_DATA}
VOLUME ${APACHEDS_DATA}
RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections \
    && apt-get update \
    && apt-get install -y \
       apt-utils
RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections \
    && apt-get install -y \
       ldap-utils \
       procps \
       openjdk-8-jre-headless \
       curl \
       jq \
    && curl https://downloads.apache.org/directory/apacheds/dist/${APACHEDS_VERSION}/${APACHEDS_ARCHIVE} > ${APACHEDS_ARCHIVE} \
    && dpkg -i ${APACHEDS_ARCHIVE} \
    && rm ${APACHEDS_ARCHIVE}
# Ports defined by the default instance configuration:
# 10389: ldap
# 10636: ldaps
# 60088: kerberos
# 60464: changePasswordServer
# 8080: http
# 8443: https
EXPOSE 10389 10636 60088 60464 8080 8443
#############################################
# ApacheDS bootstrap configuration
#############################################
ENV APACHEDS_INSTANCE default
ENV APACHEDS_BOOTSTRAP /bootstrap
ADD scripts/run.sh /run.sh
RUN chown ${APACHEDS_USER}:${APACHEDS_GROUP} /run.sh \
    && chmod u+rx /run.sh
ADD instance/* ${APACHEDS_BOOTSTRAP}/conf/
RUN sed -i "s/ads-contextentry:: [A-Za-z0-9\+\=\/]*/ads-contextentry:: $(base64 -w 0 $APACHEDS_BOOTSTRAP/conf/ads-contextentry.decoded)/g" /$APACHEDS_BOOTSTRAP/conf/config.ldif
ADD ome.ldif ${APACHEDS_BOOTSTRAP}/
RUN mkdir ${APACHEDS_BOOTSTRAP}/cache \
    && mkdir ${APACHEDS_BOOTSTRAP}/run \
    && mkdir ${APACHEDS_BOOTSTRAP}/log \
    && mkdir ${APACHEDS_BOOTSTRAP}/partitions \
    && chown -R ${APACHEDS_USER}:${APACHEDS_GROUP} ${APACHEDS_BOOTSTRAP}
RUN apt-get install -y python-ldap
ADD bin/ldapmanager /usr/local/bin/ldapmanager
#############################################
# ApacheDS wrapper command
#############################################
# Correct for hard-coded INSTANCES_DIRECTORY variable
RUN sed -i "s#/var/lib/apacheds-${APACHEDS_VERSION}#/var/lib/apacheds#" /opt/apacheds-${APACHEDS_VERSION}/bin/apacheds
RUN curl -L -o /usr/local/bin/dumb-init \
    https://github.com/Yelp/dumb-init/releases/download/v1.2.1/dumb-init_1.2.1_amd64 && \
    chmod +x /usr/local/bin/dumb-init
ENTRYPOINT ["/run.sh"]
=============================================================
The run.sh is below:
#!/usr/local/bin/dumb-init /bin/bash
# Environment variables:
# APACHEDS_VERSION
# APACHEDS_INSTANCE
# APACHEDS_BOOTSTRAP
# APACHEDS_DATA
# APACHEDS_USER
# APACHEDS_GROUP
APACHEDS_INSTANCE_DIRECTORY=${APACHEDS_DATA}/${APACHEDS_INSTANCE}
PIDFILE="${APACHEDS_INSTANCE_DIRECTORY}/run/apacheds-${APACHEDS_INSTANCE}.pid"
# When a fresh data folder is detected then bootstrap the instance configuration.
if [ ! -d ${APACHEDS_INSTANCE_DIRECTORY} ]; then
    mkdir ${APACHEDS_INSTANCE_DIRECTORY}
    cp -rv ${APACHEDS_BOOTSTRAP}/* ${APACHEDS_INSTANCE_DIRECTORY}
    chown -v -R ${APACHEDS_USER}:${APACHEDS_GROUP} ${APACHEDS_INSTANCE_DIRECTORY}
fi
cleanup(){
    if [ -e "${PIDFILE}" ];
    then
        echo "Cleaning up ${PIDFILE}"
        rm "${PIDFILE}"
    fi
}
trap cleanup EXIT
cleanup
/opt/apacheds-${APACHEDS_VERSION}/bin/apacheds start ${APACHEDS_INSTANCE}
sleep 2 # Wait on new pid
shutdown(){
    echo "Shutting down..."
    /opt/apacheds-${APACHEDS_VERSION}/bin/apacheds stop ${APACHEDS_INSTANCE}
}
trap shutdown INT TERM
tail -n 0 --pid=$(cat $PIDFILE) -f ${APACHEDS_INSTANCE_DIRECTORY}/log/apacheds.log
==============================================================================
After running this Docker image, the {config.ldif} file owner and group in the container become ?. I am not sure why that is. I also could not find the place in either the Dockerfile or the run.sh script where apacheds is run as apacheds. Thanks.
Here is another update: I found some problems in my config.ldif file and corrected them. When I tried rerunning the container, it worked:
docker run --name ldap -d -p 389:10389 -e APACHEDS_INSTANCE=yourinstance -v /path/to/your/config.ldif:/bootstrap/conf/config.ldif:ro openmicroscopy/apacheds
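However, when I log into the container and look at config.ldif under the /bootstrap/conf/ directory, the owner and group of this file are root:root, while the rest of the files are apacheds:apacheds. Why was config.ldif not changed to apacheds:apacheds? Thanks.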