无法将Docker卷的写权限授予Docker Compose中的非root用户 [英] Unable to give write permissions to Docker volume to non-root user in Docker Compose
问题描述
我正在运行一个Docker Compose环境,在其中可以执行一系列Selenium测试.为此,我使用了 Selenium提供的图像.我运行两个容器:一个为 Selenium HUB ,另一个为 Selenium Firefox Node .我有第三个容器,定义了谁负责测试的执行(我们称其为 Tests Node ).
I'm running a Docker Compose environment in which to execute a bunch of Selenium tests. In order to do that, I'm using the images Selenium provides. I run two containers: one as the Selenium HUB and another as a Selenium Firefox Node. I have a third container defined who is in charge of the tests execution (let's call it Tests Node).
我创建了一个 Selenium Firefox节点和测试节点使用的Docker卷,以便它们可以共享某些文件.我将其称为 selenium_volume
卷,并且已将其同时安装在/selenium_tests
上.
I created a Docker volume used by the Selenium Firefox Node and the Tests Node so certain files can be shared by them both. I called the volume selenium_volume
and it's mounted for both on /selenium_tests
.
我很快就遇到了一个问题,即在两个系统中都为用户 root
创建了该文件夹,但是 Selenium Firefox Node 默认使用的用户是 seluser
.它具有读取但没有写入权限,这是我所需要的.
I soon faced a problem for that folder is created in both systems for user root
, but the user the Selenium Firefox Node uses by default is seluser
. It has read but not write permissions, which I need.
我试图将以下内容用作容器 entrypoint
,因此我将 seluser
设置为目录的所有者: bash -c'sudo chown -R seluser:seluser/selenium_tests&&/opt/bin/entry_point.sh'
,但无法正常工作.
I tried to use the following as the container entrypoint
, so I make seluser
the owner of the directory: bash -c 'sudo chown -R seluser:seluser /selenium_tests && /opt/bin/entry_point.sh'
, but it's not working.
启动容器后,我连接到容器( docker exec -ti selenium-firefox bash
)时,我看到该文件夹仍属于 root
.如果然后连接,请运行命令 sudo chown -R seluser:seluser/selenium_tests&&/opt/bin/entry_point.sh'
,文件夹权限已更改,我们达到了我期望的水平.
When I connect to the container after it's launched (docker exec -ti selenium-firefox bash
), I see the folder still belongs to root
. If I then once connected run the command sudo chown -R seluser:seluser /selenium_tests && /opt/bin/entry_point.sh'
, the folder permissions are changed and we reach to the point I was expecting.
我想知道为什么当我手动运行命令时它可以工作,但是在容器的入口点脚本之前通过 entrypoint
运行时却无法运行.
I would like to know why it's working when I run the command manually but it's not when running through the entrypoint
before the entrypoint script of the container.
当前,我的 docker-compose.yml
类似于以下内容:
Currently my docker-compose.yml
looks similar to the following:
version: '3.8'
services:
tests-node:
build: .
depends_on:
- selenium-hub
- selenium-firefox
# the wait-for-it.sh command makes the container wait until the Selenium containers are ready to work
entrypoint: ["./wait-for-it.sh", "-t", "15", "selenium-firefox:5555", "--"]
command: ["execute_tests.sh"]
volumes:
- ./remote_reports/:/selenium_tests/reports/
- type: volume
source: selenium_volume
target: /selenium_tests
networks:
selenium_net: {}
selenium-hub:
image: selenium/hub:3.141.59
ports:
- "4444:4444"
networks:
selenium_net: {}
selenium-firefox:
image: selenium/node-firefox:3.141.59
depends_on:
- selenium-hub
entrypoint: bash -c 'sudo chown -R seluser:seluser /selenium_tests && /opt/bin/entry_point.sh'
volumes:
- /dev/shm:/dev/shm
- type: volume
source: selenium_volume
target: /selenium_tests
environment:
- HUB_HOST=selenium-hub
- HUB_PORT=4444
networks:
selenium_net: {}
expose:
- 5555
volumes:
selenium_volume:
networks:
selenium_net:
driver: bridge
我试图在 entrypoint
之后将chown命令作为 command
运行,但是我认为它永远都无法实现,因为在 entrypoint
一直在前台运行.
I tried to run the chown command as command
after the entrypoint
but it never reaches I think because the script that is launched during the entrypoint
keeps running in foreground.
我想直接在docker-compose.yml上做所有事情,并避免创建任何Dockerfile,但是我不知道这是否可能.
I would like to do all the things directly on the docker-compose.yml and avoiding to create any Dockerfile, but I don't know if this is possible at this point.
推荐答案
最简单的方法是在开始执行以下操作之前,将 chmod -R 777/selenium_tests
添加到 execute_tests.sh
中.测试.在这种情况下,@ aorestr,您无需更改 selenium-firefox
容器的 entrypoint
.
The simplest way is to add chmod -R 777 /selenium_tests
to execute_tests.sh
before starting the tests. In this case, @aorestr, you don't need to change entrypoint
of the selenium-firefox
container.
这篇关于无法将Docker卷的写权限授予Docker Compose中的非root用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!