您的位置: 首页  >  技术问答  >  无法泊坞窗内启动tomcat:“权限被拒绝”

无法泊坞窗内启动tomcat:“权限被拒绝”

分类: 技术问答 2022-06-20 08:43:11
问题描述:

我有以下泊坞窗文件:无法泊坞窗内启动tomcat:“权限被拒绝”

FROM debian:jessie 
RUN apt-get update && apt-get install -y wget 

RUN wget --quiet http://www.us.apache.org/dist/tomcat/tomcat-8/v8.5.20/bin/apache-tomcat-8.5.20.tar.gz -O /tmp/tomcat.tar.gz 
RUN cd /tmp && tar xf tomcat.tar.gz 
RUN mv /tmp/apache-tomcat-8.5.20 /usr/share/ 
RUN adduser --system --shell /bin/bash --gecos 'Tomcat Java Servlet and JSP engine' --group --disabled-password --home /home/tomcat tomcat 
RUN chown -R tomcat:tomcat /usr/share/apache-tomcat-8.5.20/* 
RUN chmod +x /usr/share/apache-tomcat-8.5.20/bin/*.sh 

RUN apt-get update && apt-get install -y openjdk-7-jre-headless 

CMD ["/bin/bash"]

如果我编译这对我的笔记本电脑与Ubuntu 17.04和泊坞窗1.12.6,构建78d1802,我可以执行

su tomcat -c /usr/share/apache-tomcat-8.5.20/bin/startup.sh

没有任何问题:

$ sudo docker run -it ff1323fadc66 
[email protected]:/# su tomcat -c /usr/share/apache-tomcat-8.5.20/bin/startup.sh 
Using CATALINA_BASE: /usr/share/apache-tomcat-8.5.20 
Using CATALINA_HOME: /usr/share/apache-tomcat-8.5.20 
Using CATALINA_TMPDIR: /usr/share/apache-tomcat-8.5.20/temp 
Using JRE_HOME:  /usr 
Using CLASSPATH:  /usr/share/apache-tomcat-8.5.20/bin/bootstrap.jar:/usr/share/apache-tomcat-8.5.20/bin/tomcat-juli.jar 
Tomcat started.

但是,如果我尝试同样在Ubuntu 16.04 LTS与泊坞窗1.12.6,构建78d1802,它在AWS上托管,我得到以下输出:

$ sudo docker run -it 96e0e82a9dda 
[email protected]:/# su tomcat -c /usr/share/apache-tomcat-8.5.20/bin/startup.sh 
Using CATALINA_BASE: /usr/share/apache-tomcat-8.5.20 
Using CATALINA_HOME: /usr/share/apache-tomcat-8.5.20 
Using CATALINA_TMPDIR: /usr/share/apache-tomcat-8.5.20/temp 
Using JRE_HOME:  /usr 
Using CLASSPATH:  /usr/share/apache-tomcat-8.5.20/bin/bootstrap.jar:/usr/share/apache-tomcat-8.5.20/bin/tomcat-juli.jar 
touch: cannot touch '/usr/share/apache-tomcat-8.5.20/logs/catalina.out': Permission denied 
/usr/share/apache-tomcat-8.5.20/bin/catalina.sh: 434: /usr/share/apache-tomcat-8.5.20/bin/catalina.sh: cannot create /usr/share/apache-tomcat-8.5.20/logs/catalina.out: Permission denied

这怎么可能?码头文件不应该产生相同的环境?我也在MacOS上尝试过它,它也像魅力一样在那里启动tomcat。

我已经试图绕过这个chmod 777 /usr/share/apache-tomcat-8.5.20/logs/,但它也没有工作。

编辑:

按照要求的ls -alh /usr/share/apache-tomcat-8.5.20/logs/

[email protected]:/# su tomcat -c /usr/share/apache-tomcat-8.5.20/bin/startup.sh 
Using CATALINA_BASE: /usr/share/apache-tomcat-8.5.20 
Using CATALINA_HOME: /usr/share/apache-tomcat-8.5.20 
Using CATALINA_TMPDIR: /usr/share/apache-tomcat-8.5.20/temp 
Using JRE_HOME:  /usr 
Using CLASSPATH:  /usr/share/apache-tomcat-8.5.20/bin/bootstrap.jar:/usr/share/apache-tomcat-8.5.20/bin/tomcat-juli.jar 
touch: cannot touch '/usr/share/apache-tomcat-8.5.20/logs/catalina.out': Permission denied 
/usr/share/apache-tomcat-8.5.20/bin/catalina.sh: 434: /usr/share/apache-tomcat-8.5.20/bin/catalina.sh: cannot create /usr/share/apache-tomcat-8.5.20/logs/catalina.out: Permission denied 
[email protected]:/# ls -alh /usr/share/apache-tomcat-8.5.20/logs/ 
total 8.0K 
drwxr-x--- 2 tomcat tomcat 4.0K Aug 2 21:35 . 
drwxr-xr-x 17 root root 4.0K Sep 6 06:58 .. 
[email protected]:/#

而且输出:当然有可能,而无需切换用户启动tomcat,然后用根,但我宁愿要避免这种情况。

EDIT2:

的主机是Ubuntu的LTS 16.04.3:

$ cat /etc/os-release 
NAME="Ubuntu" 
VERSION="16.04.3 LTS (Xenial Xerus)" 
ID=ubuntu 
ID_LIKE=debian 
PRETTY_NAME="Ubuntu 16.04.3 LTS" 
VERSION_ID="16.04" 
HOME_URL="http://www.ubuntu.com/" 
SUPPORT_URL="http://help.ubuntu.com/" 
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/" 
VERSION_CODENAME=xenial 
UBUNTU_CODENAME=xenial

它也有一个开发日志:

$ ls -l /run/systemd/journal/dev-log 
srw-rw-rw- 1 root root 0 Sep 5 13:13 /run/systemd/journal/dev-log
+0

试运行'chmod -R 777在/ usr /共享/ Apache的Tomcat的20年5月8日/日志/' –

+0

我这样做的很好,但我没有工作。无论如何,编译图像后目录是空的。 – mistapink

+0

尝试使用upstart命令启动它:'service tomcat start'或者'/ etc/init.d/tomcat'脚本 –

所以这一个似乎是最奇怪的一个,我不确定这种不起作用的根本情况,但低于选项将适用于你

更改用户到tomcat然后解压文件夹

FROM debian:jessie 
RUN apt-get update && apt-get install -y wget openjdk-7-jre-headless 

RUN adduser --system --shell /bin/bash --gecos 'Tomcat Java Servlet and JSP engine' --group --disabled-password --home /home/tomcat tomcat 
USER tomcat 
RUN wget --quiet http://www.us.apache.org/dist/tomcat/tomcat-8/v8.5.20/bin/apache-tomcat-8.5.20.tar.gz -O /tmp/tomcat.tar.gz && cd /tmp && tar xf tomcat.tar.gz && mv /tmp/apache-tomcat-8.5.20/ /tomcat 
USER root 
CMD ["/bin/bash"]

删除日志文件夹,并重新创建

FROM debian:jessie 
RUN apt-get update && apt-get install -y wget openjdk-7-jre-headless 

RUN adduser --system --shell /bin/bash --gecos 'Tomcat Java Servlet and JSP engine' --group --disabled-password --home /home/tomcat tomcat 
RUN wget --quiet http://www.us.apache.org/dist/tomcat/tomcat-8/v8.5.20/bin/apache-tomcat-8.5.20.tar.gz -O /tmp/tomcat.tar.gz && cd /tmp && tar xf tomcat.tar.gz && mv /tmp/apache-tomcat-8.5.20/ /tomcat 
RUN rm -rf /tomcat/logs && chown -R tomcat:tomcat /tomcat && su tomcat -c "mkdir /tomcat/logs" 
CMD ["/bin/bash"]

上述解决方案工作你的情况。行为是两个不同的操作系统的根本原因是目前未知

糊箱有兴趣的任何一个调试

strace的苏tomcat的-c/tomcat的/日志/文本。TXT

https://pastebin.com/vVBEXJQ1

实际最终dockerfile使用

https://pastebin.com/H5AVt9P5

我不能停止想知道为什么重新发明轮子,什么是错的官方tomcat的图像? https://docs.docker.com/samples/library/tomcat/https://hub.docker.com/_/tomcat/

https://stackoverflow.com/a/29297790/6785908

+0

因为这只是更大的图像的一部分,它具有Apache 2.4,PHP 7.0,Postgresql 9.6,PostGIS 2.3,Tomcat 8.5,Geoserver 2.2,Laravel。我没有找到具有所有这些的图像。 – mistapink

相关推荐