Jenkins wrong volume permissions

Solution 1

The problem is that your user in the container has a different userid:groupid than the user on the host.

You have two possibilities:

  1. You can ensure that the user in the container has the same userid:groupid as the user on the host that has access to the mounted volume. For this you have to adjust the user in the Dockerfile. Create a user in the Dockerfile with the same userid:groupid and then switch to this user: https://docs.docker.com/engine/reference/builder/#user

  2. You can ensure that the user on the host has the same userid:groupid as the user in the container. For this, enter the container with docker exec -it <container-name> bash and show the user ID with id -u <username> and the group ID with id -G <username>. Change the permissions of the mounted volume to this userid:groupid.

Solution 2

The easy fix is to use the -u parameter. Keep in mind this will run as a root user (uid=0).

docker run -u 0 -d -p 8080:8080 -p 50000:50000 -v /data/jenkins:/var/jenkins_home jenkins/jenkins:lts

Solution 3

As haschibaschi stated, your user in the container has a different userid:groupid than the user on the host.

To get around this, start the container without the (problematic) volume mapping, then run bash on the container:

docker run -p 8080:8080 -p 50000:50000 -it jenkins bin/bash

Once inside the container's shell run the id command and you'll get results like:

uid=1000(jenkins) gid=1000(jenkins) groups=1000(jenkins)

Exit the container, go to the folder you are trying to map and run:

chown -R 1000:1000 .

With the permissions now matching, you should be able to run the original docker command with the volume mapping.
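
Solutions 1 and 3 both come down to making the owner of the host directory match the container user. As an added example (not part of any answer on this page), this POSIX shell check reports whether a given uid:gid can write to the directory before it is bind-mounted; the function names can_write and preflight are hypothetical, and a Linux host with GNU stat is assumed.

```shell
#!/bin/sh
# Added example: pre-flight check for a bind-mounted volume directory.
# Assumes a Linux host with GNU stat. The default 1000:1000 is the jenkins
# uid:gid printed by `id` in Solution 3; pass other values for other images.

# can_write DIR UID GID
#   0 = the Unix mode bits let UID:GID create files in DIR
#   1 = they do not; 2 = DIR is missing or cannot be stat'ed
# Not evaluated: ACLs, supplementary groups, SELinux labels.
can_write() {
    dir=$1; uid=$2; gid=$3
    [ -d "$dir" ] || return 2
    st=$(stat -c '%u %g %a' "$dir") || return 2
    set -- $st                       # $1=owner uid, $2=owner gid, $3=octal mode
    mode=$((0$3))                    # leading 0 makes the shell parse it as octal
    if [ "$uid" -eq 0 ]; then return 0; fi   # root bypasses mode bits
    # The kernel applies exactly one permission class: owner, else group, else other.
    if   [ "$uid" -eq "$1" ]; then bits=$(( (mode >> 6) & 7 ))
    elif [ "$gid" -eq "$2" ]; then bits=$(( (mode >> 3) & 7 ))
    else                           bits=$(( mode & 7 ))
    fi
    # Creating a file needs write (2) and search (1) on the directory.
    [ $(( bits & 3 )) -eq 3 ]
}

# preflight DIR [UID] [GID]: print a verdict and the narrowest fix.
preflight() {
    p_dir=$1; p_uid=${2:-1000}; p_gid=${3:-1000}
    if can_write "$p_dir" "$p_uid" "$p_gid"; then
        echo "OK: $p_uid:$p_gid can write to $p_dir"
    else
        rc=$?
        echo "FAIL: $p_uid:$p_gid cannot write to $p_dir" >&2
        [ "$rc" -eq 1 ] && echo "fix: chown -R $p_uid:$p_gid $p_dir" >&2
        return "$rc"
    fi
}

# Run as a script: ./preflight.sh /data/jenkins [uid] [gid]
if [ "$#" -gt 0 ]; then preflight "$@"; fi
```

The check looks at mode bits only, so if it passes and the container still reports "Permission denied", the cause lies elsewhere, for example the SELinux case raised in Solution 4.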

Solution 4

You may be under SELinux. Running the container as privileged solved the issue for me:

sudo docker run --privileged -p 8080:8080 -p 50000:50000 -v /data/jenkins:/var/jenkins_home jenkins/jenkins:lts

From https://docs.docker.com/engine/reference/commandline/run/#full-container-capabilities---privileged:

The --privileged flag gives all capabilities to the container, and it also lifts all the limitations enforced by the device cgroup controller. In other words, the container can then do almost everything that the host can do. This flag exists to allow special use-cases, like running Docker within Docker.

Solution 5

As an update of @Kiem's response, using $UID to ensure the container uses the same user ID as the host, you can do this:

docker run -u $UID -d -p 8080:8080 -p 50000:50000 -v /data/jenkins:/var/jenkins_home jenkins/jenkins:lts

Author: Taoufik J

Updated on February 12, 2022

Comments

  • Taoufik J about 2 years

    I have a virtual machine hosting Oracle Linux where I've installed Docker and created containers using a docker-compose file. I placed the Jenkins volume under a shared folder, but when starting docker-compose up I got the following error for Jenkins:

    jenkins | touch: cannot touch ‘/var/jenkins_home/copy_reference_file.log’: Permission denied
    jenkins | Can not write to /var/jenkins_home/copy_reference_file.log. Wrong volume permissions?
    jenkins exited with code 1

    Here's the volumes declaration:

      volumes:
        - "/media/sf_devops-workspaces/dev-tools/continuous-integration/jenkins:/var/jenkins_home"