执行docker run时出现许可错误
我正在尝试以root用户身份运行docker run命令。 但是我得到一个与权限有关的错误。
任何人都可以带领我正确的方向来解决这个问题吗? 我的团队中有几个人被困住了。 我们知道这绝对不是图像,因为我们可以在其他盒子上以及在本地运行图像没有任何问题。
谢谢
docker run -it -p 8091:8081 999999999.dkr.ecr.ap-southeast-2.amazonaws.com/999999999.dkr.ecr.ap-southeast-2.amazonaws.com/node-xref-api-v2 panic: standard_init_linux.go:178: exec user process caused "permission denied" [recovered] panic: standard_init_linux.go:178: exec user process caused "permission denied" goroutine 1 [running, locked to thread]: panic(0x6f3000, 0xc42012ee70) /usr/lib/golang/src/runtime/panic.go:500 +0x1a1 github.com/urfave/cli.HandleAction.func1(0xc42007f748) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:478 +0x247 panic(0x6f3000, 0xc42012ee70) /usr/lib/golang/src/runtime/panic.go:458 +0x243 github.com/opencontainers/runc/libcontainer.(*LinuxFactory).StartInitialization.func1(0xc42007f198, 0xc42001e0b0, 0xc42007f238) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/factory_linux.go:259 +0x18f github.com/opencontainers/runc/libcontainer.(*LinuxFactory).StartInitialization(0xc42004e8c0, 0xaac9c0, 0xc42012ee70) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/factory_linux.go:277 +0x353 main.glob..func8(0xc420082780, 0x0, 0x0) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/main_unix.go:26 +0x66 reflect.Value.call(0x6ddd80, 0x769ce8, 0x13, 0x73c1c9, 0x4, 0xc42007f708, 0x1, 0x1, 0x4d17a8, 0x732020, ...) /usr/lib/golang/src/reflect/value.go:434 +0x5c8 reflect.Value.Call(0x6ddd80, 0x769ce8, 0x13, 0xc42007f708, 0x1, 0x1, 0xac2700, 0xc42007f6e8, 0x4da786) /usr/lib/golang/src/reflect/value.go:302 +0xa4 github.com/urfave/cli.HandleAction(0x6ddd80, 0x769ce8, 0xc420082780, 0x0, 0x0) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:487 +0x1e0 github.com/urfave/cli.Command.Run(0x73c395, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74d9d9, 0x51, 0x0, ...) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/command.go:191 +0xc3b github.com/urfave/cli.(*App).Run(0xc4200c6000, 0xc42000c120, 0x2, 0x2, 0x0, 0x0) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:240 +0x611 main.main() /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/main.go:137 +0xbd6 [root@ip-10-140-1-10 ~]# ^C [root@ip-10-140-1-10 ~]# sudo docker run -it -p 8091:8081 231827969312.dkr.ecr.ap-southeast-2.amazonaws.com/231827969312.dkr.ecr.ap-southeast-2.amazonaws.com/node-xref-api-v2 panic: standard_init_linux.go:178: exec user process caused "permission denied" [recovered] panic: standard_init_linux.go:178: exec user process caused "permission denied" goroutine 1 [running, locked to thread]: panic(0x6f3000, 0xc42011ce70) /usr/lib/golang/src/runtime/panic.go:500 +0x1a1 github.com/urfave/cli.HandleAction.func1(0xc42007f748) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:478 +0x247 panic(0x6f3000, 0xc42011ce70) /usr/lib/golang/src/runtime/panic.go:458 +0x243 github.com/opencontainers/runc/libcontainer.(*LinuxFactory).StartInitialization.func1(0xc42007f198, 0xc42001e0c8, 0xc42007f238) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/factory_linux.go:259 +0x18f github.com/opencontainers/runc/libcontainer.(*LinuxFactory).StartInitialization(0xc42004f590, 0xaac9c0, 0xc42011ce70) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/factory_linux.go:277 +0x353 main.glob..func8(0xc420082a00, 0x0, 0x0) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/main_unix.go:26 +0x66 reflect.Value.call(0x6ddd80, 0x769ce8, 0x13, 0x73c1c9, 0x4, 0xc42007f708, 0x1, 0x1, 0x4d17a8, 0x732020, ...) /usr/lib/golang/src/reflect/value.go:434 +0x5c8 reflect.Value.Call(0x6ddd80, 0x769ce8, 0x13, 0xc42007f708, 0x1, 0x1, 0xac2700, 0xc42007f6e8, 0x4da786) /usr/lib/golang/src/reflect/value.go:302 +0xa4 github.com/urfave/cli.HandleAction(0x6ddd80, 0x769ce8, 0xc420082a00, 0x0, 0x0) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:487 +0x1e0 github.com/urfave/cli.Command.Run(0x73c395, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74d9d9, 0x51, 0x0, ...) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/command.go:191 +0xc3b github.com/urfave/cli.(*App).Run(0xc4200a0000, 0xc42000c120, 0x2, 0x2, 0x0, 0x0) /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:240 +0x611 main.main() /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/main.go:137 +0xbd6 在CentOS上,当我的“/ var”没有执行权限时,我得到这个错误。
如果可能,尝试使用exec权限重新挂载它:
mount /var/ -o remount,exec
并重新启动Docker引擎。
systemctl restart docker.service
如果这样做,你必须调整fstabs,并删除noexec
谢谢你的帮助。 但是我在这里find了答案
https://bugzilla.redhat.com/show_bug.cgi?id=1358819
我通过将selinux设置为宽容模式来暂时修复它
inside /etc/selinux/config SELINUX=permissive