容器内的权限被拒绝

容器内的权限被拒绝

我正在尝试使用以下 dockerfile 和 docker compose 构建 Django 应用容器,但权限被拒绝。一周以来,我一直在寻找如何解决此错误。

Dockerfile-prod

FROM python:3.9-alpine3.13
LABEL maintainer="[email protected]"

ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED 1

COPY ./requirements.txt /tmp/requirements.txt
COPY ./requirements.dev.txt /tmp/requirements.dev.txt
COPY ./scripts /scripts

COPY . /backend

WORKDIR /backend

EXPOSE 8000

ARG DEV=false

RUN python -m venv /py && \
    /py/bin/pip install --upgrade pip && \
    apk add --update --no-cache postgresql-client jpeg-dev && \
    apk add --update --no-cache --virtual .tmp-build-deps \
        build-base postgresql-dev musl-dev zlib zlib-dev linux-headers && \
    /py/bin/pip install -r /tmp/requirements.txt && \
    if [ $DEV = "true" ]; \
        then /py/bin/pip install -r /tmp/requirements.dev.txt ; \
    fi && \
    rm -rf /tmp && \
    apk del .tmp-build-deps && \
    adduser \
        --disabled-password \
        --no-create-home \
        django-user && \
    mkdir -p /vol/web/mediafiles && \
    mkdir -p /vol/web/staticfiles && \
    chown -R django-user:django-user /vol && \
    chmod -R 755 /vol && \
    chmod -R +x /scripts

ENV PATH="/scripts:/py/bin:$PATH"

USER django-user

CMD [ "run.sh" ]

并运行.sh

#!/bin/sh

set -e

python manage.py wait_for_db
python manage.py makemigrations
python manage.py migrate
python manage.py collectstatic --noinput
gunicorn backend.wsgi --bind 0.0.0.0:8000

docker-compose-prod.yml

version: "3.3"

services:
  db:
    image: postgres:13-alpine
    container_name: db-prod-c
    restart: always
    volumes:
      - db-prod:/var/lib/postgresql/data
    environment:
      - POSTGRES_DB=${DB_NAME}
      - POSTGRES_USER=${DB_USER}
      - POSTGRES_PASSWORD=${DB_PASS}

  backend:
    build:
      context: ./backend
      dockerfile: Dockerfile.prod
    #restart: always
    image: api-prod-i:django-prod
    container_name: api-prod-c
    volumes:
      - mediafiles:/vol/web/mediafiles
      - staticfiles:/vol/web/staticfiles
    environment:
      - DB_HOST=db
      - DB_NAME=${DB_NAME}
      - DB_USER=${DB_USER}
      - DB_PASS=${DB_PASS}
      - SECRET_KEY=${DJANGO_SECRET_KEY}
      - ALLOWED_HOSTS=${DJANGO_ALLOWED_HOSTS}
    expose:
      - 8000
    depends_on:
      - db

  frontend:
    build:
      context: ./frontend
      dockerfile: Dockerfile
    #restart: always
    image: client-prod-i:django-prod
    container_name: client-prod-c
    volumes:
      - react-build:/frontend/build
    depends_on:
      - backend

  proxy:
    build:
      context: ./webserver
      dockerfile: Dockerfile
    image: proxy-i
    container_name: proxy-c
    restart: always
    ports:
      - 80:80
    volumes:
      - staticfiles:/webserver/staticfiles
      - mediafiles:/webserver/mediafiles
      - react-build:/webserver/buildfiles

    depends_on:
      - backend
      - frontend

volumes:
  db-prod:
  react-build:
  staticfiles:
  mediafiles:

运行 docker-compose-prod 后,出现以下错误

PermissionError: [Errno 13] Permission denied: '/vol/web/staticfiles/admin'
api-prod-c exited with code 1

我尝试在 Dockerfile 中以 777 的权限 chmod 文件夹 /vol,但仍然出现相同的错误。我提到我使用的是 ubuntu 22.04,并使用 sudo 和 docker 指令。如果我使用不带 sudo 的 docker 指令,我将收到以下错误

ot permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/json": dial unix /var/run/docker.sock: connect: permission denied

如何修改我的Dockerfile 以避免第一个错误?

相关内容