Dockerfile无法更改用户访问权限 [英] Dockerfile failed to change user access

问题描述

我想在docker上运行jenkins并更改用户访问权限，以便可以读取SSH密钥并访问git。
这是dockerfile的示例

I want to run jenkins on docker and change the user access so could read the SSH key and access git. Here is sample of the dockerfile

FROM jenkins/jenkins:lts

USER root 

COPY --chown=jenkins:jenkins id_rsa $JENKINS_HOME/.ssh/id_rsa
COPY --chown=jenkins:jenkins id_rsa.pub $JENKINS_HOME/.ssh/id_rsa.pub
RUN /bin/bash -c 'ls -la $JENKINS_HOME/.ssh; chmod 600 -R $JENKINS_HOME/.ssh; ls -la $JENKINS_HOME/.ssh'

生成时输出成功，访问权限已更改！

The output upon build is a success, access has been changed!

Step 3/3 : RUN /bin/bash -c 'ls -la $JENKINS_HOME/.ssh; chmod 600 -R $JENKINS_HOME/.ssh; ls -la $JENKINS_HOME/.ssh'
 ---> Running in 137d1a4f9f6d
total 16
drwxr-xr-x 2 jenkins jenkins 4096 Jan  8 04:11 .
drwxr-xr-x 3 jenkins jenkins 4096 Jan  8 04:11 ..
-rwxr-xr-x 1 jenkins jenkins 1843 Jan  2 02:33 id_rsa
-rwxr-xr-x 1 jenkins jenkins  413 Jan  2 02:33 id_rsa.pub
total 16
drw------- 2 jenkins jenkins 4096 Jan  8 04:11 .
drwxr-xr-x 3 jenkins jenkins 4096 Jan  8 04:11 ..
-rw------- 1 jenkins jenkins 1843 Jan  2 02:33 id_rsa
-rw------- 1 jenkins jenkins  413 Jan  2 02:33 id_rsa.pub
Removing intermediate container 137d1a4f9f6d
 ---> 7d6334d2b044

但是当我进入 / bin / bash 访问权限设置为默认值，chmod不起作用

However when I go inside the /bin/bash the access is set to default, the chmod was not working

jenkins@f49048ec8c88:/$ ls -al /var/jenkins_home/.ssh/
total 16
drwxr-xr-x  2 jenkins jenkins 4096 Jan  8 04:25 .
drwxr-xr-x 16 jenkins jenkins 4096 Jan  8 04:26 ..
-rwxr-xr-x  1 jenkins jenkins 1843 Jan  2 02:33 id_rsa
-rwxr-xr-x  1 jenkins jenkins  413 Jan  2 02:33 id_rsa.pub

你知道为什么这种行为吗？

any idea why the behavior is this way?

推荐答案

发生这种情况是因为 $ JENKINS_HOME 被定义为<$ c $ jenkins：lts 基本图像中的c> VOLUME 。您可以通过3种方式中的任何一种来解决此问题。

This happened because $JENKINS_HOME is defined as VOLUME in jenkins:lts base image. You can workaround this in any of the 3 ways

1. 您可以在构建主机之前对其进行修复，并且该主机应该可以工作。

1. You can fix the permissions on host machine before building and it should work.

您可以使用多阶段构建，更改权限并从第一阶段复制文件

You can use multi stage build, change the permission and copy files from first stage

FROM jenkins/jenkins:lts as base
USER root
COPY --chown=jenkins:jenkins id_rsa /tmp/ssh_keys/
COPY --chown=jenkins:jenkins id_rsa.pub  /tmp/ssh_keys/
RUN chmod 600 -R /tmp/ssh_keys

FROM jenkins/jenkins:lts
USER root
COPY --chown=jenkins:jenkins --from=base /tmp/ssh_keys $JENKINS_HOME/.ssh

1. 作为构建的一部分，您可以在临时目录中复制和更改文件的权限。作为启动脚本（入口点）的一部分，您可以将它们从临时目录复制到实际目录。

这篇关于Dockerfile无法更改用户访问权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！