Dockerfile中针对Ruby应用的文件权限问题

Question

Dockerfile中针对Ruby应用的文件权限问题

3

你好，我正在尝试创建一款使用容器中用户ID和组ID的Ruby应用程序，就像在主机中一样，即1000。

但是我遇到了权限问题，但我无法弄清楚原因。

这是我收到的错误消息：

There was an error while trying to write to `/home/appuser/myapp/Gemfile.lock`.
It is likely that you need to grant write permissions for that path.
The command '/bin/sh -c bundle install' returned a non-zero code: 23

这是我的Dockerfile文件：

# Dockerfile
FROM ruby:2.5

RUN apt-get update -qq && apt-get install -y build-essential libpq-dev nodejs

RUN groupadd -r -g 1000 appuser
RUN useradd -r -m -u 1000 -g appuser appuser
USER appuser

RUN mkdir /home/appuser/myapp

WORKDIR /home/appuser/myapp

COPY Gemfile Gemfile.lock ./

RUN bundle install

COPY . ./

- Hub 20xx

在 WORKDIR /home/appuser/myapp 之后运行 RUN ls -la . 会打印出什么？ - Aleksei Matiushkin

@mudasobwa 它打印出：drwxr-xr-x 2 appuser appuser 4096 Aug 24 09:01 . drwxr-xr-x 3 appuser appuser 4096 Aug 24 09:01 .. - Hub 20xx

应该使用chmod -R +w /home/appuser/myapp命令。在切换到appuser之前或在运行构建之前，您需要在系统上修改文件。 - ConorSheehan1

1个回答

网页内容由stack overflow 提供, 点击上面的

可以查看英文原文，
原文链接

- ConorSheehan1 · Accepted Answer

如果您想要一个纯Docker解决方案，请尝试以下方法：

FROM ruby:2.5

RUN apt-get update -qq && apt-get install -y build-essential libpq-dev nodejs

# Reduce layers by grouping related commands into single RUN steps
RUN groupadd -r -g 1000 appuser && \
useradd -r -m -u 1000 -g appuser appuser

# Setting workdir will also create the dir if it doesn't exist, so no need to mkdir
WORKDIR /home/appuser/myapp

# Copy everything over in one go
COPY . ./

# This line should fix your issue 
# (give the user ownership of their home dir and make Gemfile.lock writable)
# Must still be root for this to work
RUN chown -R appuser:appuser /home/appuser/ && \
chmod +w /home/appuser/myapp/Gemfile.lock

USER appuser

RUN bundle install

也许更好的主意是使用类似以下方式修复您主机系统上的权限问题：

sudo chmod g+w Gemfile.lock