ubuntu 我收到[Errno 13]权限被拒绝:'./docker-compose.yml'正在运行停靠程序

4dbbbstv  于 2022-12-11  发布在  Docker
关注(0)|答案(1)|浏览(209)

I installed docker on kubuntu 18 , but I got error

$ docker-compose up -d --build
ERROR: .PermissionError: [Errno 13] Permission denied: './docker-compose.yml'

Reading branch docker error: .IOError: [Errno 13] Permission denied: "./docker-compose.yml" I tried to salve it :

username@ubuntuOS:/ProjectPath/DOCKER$ sudo groupadd docker
[sudo] password for username:
groupadd: group 'docker' already exists
username@ubuntuOS:/ProjectPath/DOCKER$ sudo gpasswd -a $USER docker
Adding user username to group docker
username@ubuntuOS:/ProjectPath/DOCKER$ docker run hello-world

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

username@ubuntuOS:/ProjectPath/DOCKER$ docker-compose logs -f
ERROR: .PermissionError: [Errno 13] Permission denied: './docker-compose.yml'
username@ubuntuOS:/ProjectPath/DOCKER$ sudo dpkg-reconfigure apparmor
Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox
Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
username@ubuntuOS:/ProjectPath/DOCKER$ docker-compose up -d --build
ERROR: .PermissionError: [Errno 13] Permission denied: './docker-compose.yml'
username@ubuntuOS:/ProjectPath/DOCKER$ sudo apparmor_parser -r /var/lib/snapd/apparmor/profiles/snap.docker.compose
username@ubuntuOS:/ProjectPath/DOCKER$ docker-compose up -d --build
ERROR: .PermissionError: [Errno 13] Permission denied: './docker-compose.yml'

But Failed.
My docker-compose.yml :

version: '3.3'

services:

    web:
        build:
            context: ./           # directory of web/Dockerfile.yml
            dockerfile: Dockerfile.yml

        container_name: lar_nginx_web
        # restart: always
        working_dir: /var/www/
        volumes:
            - ../:/var/www

    nginx:
        image: nginx:1.19-alpine
        container_name: lar_nginx_nginx
        # restart: always
        ports:
            - '8084:80'
        # http://127.0.0.1:8000

        volumes:
            - ../:/var/www
            - ./nginx:/etc/nginx/conf.d

    db:
        container_name: lar_nginx_db
        image: mysql:5.7.28
        # image: mysql:8.0.21
        # restart: always
        environment:
            - MYSQL_DATABASE=DockerLarNginx
            - MYSQL_USER=docker_user
            - MYSQL_PASSWORD=4321
            - MYSQL_ALLOW_EMPTY_PASSWORD=false
            - MYSQL_ROOT_PASSWORD=321
            - TZ=Europe/Kiev

        volumes:
            - /var/lib/mysql

    phpmyadmin:
        container_name: lar_nginx_phpmyadmin
        depends_on:
            - db
        image: phpmyadmin/phpmyadmin
        # restart: always
        ports:
            - 8085:80
        environment:
            PMA_HOST: db
            MYSQL_ROOT_PASSWORD: 1

    composer:
        image: composer:2.1
        container_name: lar_nginx_composer
        volumes:
            - ./:/var/www
        working_dir: /var/www
        command: composer install  --ignore-platform-reqs

Project directory :

$ ls -l
total 16
-rwxrwxrwx 1 root root  940 Sep  5 16:39 BySteps.txt
-rwxrwxrwx 1 root root 1561 Sep  5 16:56 docker-compose.yml
-rwxrwxrwx 1 root root 1094 Sep  5 09:15 Dockerfile.yml
drwxrwxrwx 1 root root    0 Sep  2 08:21 nginx
-rwxrwxrwx 1 root root  805 Oct 20  2019 virtualhost.conf

How can it be fixed ?

Modified Block: Searching for decision I found a hints

  1. I might want to turn off apparmor and check if it works without
    But Stopping apparmor I got errors:
username@ubuntuOS:ProjectPath$ sudo systemctl stop apparmor

username@ubuntuOS:ProjectPath$ sudo systemctl enable docker
Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable docker
Failed to enable unit: Unit file /etc/systemd/system/docker.service is masked.
username@ubuntuOS:ProjectPath$ sudo systemctl start docker
Failed to start docker.service: Unit docker.service is masked.
username@ubuntuOS:ProjectPath$ sudo systemctl start apparmor
  1. If my Docker installation is from Snap?
    I installed with command :
sudo apt-get install docker-ce

Is it snap installation?

docker info
Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)

Server:
ERROR: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
errors pretty printing info

In which way have I to check is it snap installation and how my errors depends on it ?

I failed to run docker :

    $ sudo systemctl enable docker
    
    Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
    Executing: /lib/systemd/systemd-sysv-install enable docker
    
    Failed to enable unit: Unit file /etc/systemd/system/docker.service is masked.
    $ sudo systemctl start docker
    Failed to start docker.service: Unit docker.service is masked.

In my Synaptic I found installed packages:

snap
location of genes from DNA sequence with hidden markov model

and

apparmor
user-space parser utility for AppArmor

I have some prior docker expierence, but I did not have such problems. How these can be fixed?

Modified Block # 2:

username@ubuntuOS:/ProjectPath//DOCKER$ docker run hello-world

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

username@ubuntuOS:/ProjectPath//DOCKER$ sudo systemctl unmask docker && sudo systemctl start docker
Removed /etc/systemd/system/docker.service.
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.
username@ubuntuOS:/ProjectPath//DOCKER$ docker-compose
Define and run multi-container applications with Docker.

Usage:
  docker-compose [-f <arg>...] [options] [COMMAND] [ARGS...]
  docker-compose -h|--help

Options:
  -f, --file FILE             Specify an alternate compose file
                              (default: docker-compose.yml)
  -p, --project-name NAME     Specify an alternate project name
                              (default: directory name)
  --verbose                   Show more output
  --log-level LEVEL           Set log level (DEBUG, INFO, WARNING, ERROR, CRITICAL)
  --no-ansi                   Do not print ANSI control characters
  -v, --version               Print version and exit
  -H, --host HOST             Daemon socket to connect to

  --tls                       Use TLS; implied by --tlsverify
  --tlscacert CA_PATH         Trust certs signed only by this CA
  --tlscert CLIENT_CERT_PATH  Path to TLS certificate file
  --tlskey TLS_KEY_PATH       Path to TLS key file
  --tlsverify                 Use TLS and verify the remote
  --skip-hostname-check       Don't check the daemon's hostname against the
                              name specified in the client certificate
  --project-directory PATH    Specify an alternate working directory
                              (default: the path of the Compose file)
  --compatibility             If set, Compose will attempt to convert keys
                              in v3 files to their non-Swarm equivalent
  --env-file PATH             Specify an alternate environment file

Commands:
  build              Build or rebuild services
  config             Validate and view the Compose file
  create             Create services
  down               Stop and remove containers, networks, images, and volumes
  events             Receive real time events from containers
  exec               Execute a command in a running container
  help               Get help on a command
  images             List images
  kill               Kill containers
  logs               View output from containers
  pause              Pause services
  port               Print the public port for a port binding
  ps                 List containers
  pull               Pull service images
  push               Push service images
  restart            Restart services
  rm                 Remove stopped containers
  run                Run a one-off command
  scale              Set number of containers for a service
  start              Start services
  stop               Stop services
  top                Display the running processes
  unpause            Unpause services
  up                 Create and start containers
  version            Show the Docker-Compose version information
username@ubuntuOS:/ProjectPath//DOCKER$ sudo tail -f /var/log/syslog
Sep 15 06:40:28 ubuntuOS systemd[3516]: Failed to start snap.docker.compose.2c72d705-91cd-406c-a3eb-bcbdbcfed2d5.scope.
Sep 15 06:40:30 ubuntuOS kernel: [ 1169.609359] audit: type=1400 audit(1631677230.198:65): apparmor="DENIED" operation="open" profile="snap.docker.compose" name="/proc/14125/mounts" pid=14125 comm="python3" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 15 06:40:30 ubuntuOS kernel: [ 1169.738542] audit: type=1400 audit(1631677230.330:66): apparmor="DENIED" operation="open" profile="snap.docker.compose" name="/ProjectPath//DOCKER/docker-compose.yml" pid=14125 comm="python3" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Sep 15 06:40:30 ubuntuOS kernel: [ 1169.738565] audit: type=1400 audit(1631677230.330:67): apparmor="DENIED" operation="open" profile="snap.docker.compose" name="/ProjectPath//DOCKER/docker-compose.yml" pid=14125 comm="python3" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Sep 15 06:40:39 ubuntuOS kernel: [ 1178.543524] [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=176.10.192.176 DST=213.109.234.130 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=40086 DF PROTO=TCP SPT=44902 DPT=6881 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 15 06:41:06 ubuntuOS systemd[3516]: snap.docker.compose.009e07fe-8e69-4d56-a1ad-be6649422dc1.scope: Failed to add PIDs to scope's control group: Permission denied
Sep 15 06:41:06 ubuntuOS systemd[3516]: snap.docker.compose.009e07fe-8e69-4d56-a1ad-be6649422dc1.scope: Failed with result 'resources'.
Sep 15 06:41:06 ubuntuOS systemd[3516]: Failed to start snap.docker.compose.009e07fe-8e69-4d56-a1ad-be6649422dc1.scope.
Sep 15 06:41:07 ubuntuOS kernel: [ 1206.991294] audit: type=1400 audit(1631677267.581:68): apparmor="DENIED" operation="open" profile="snap.docker.compose" name="/proc/14166/mounts" pid=14166 comm="python3" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 15 06:41:08 ubuntuOS kernel: [ 1208.265731] [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=104.140.188.18 DST=213.109.234.130 LEN=44 TOS=0x00 PREC=0x00 TTL=246 ID=50654 PROTO=TCP SPT=56649 DPT=8888 WINDOW=1024 RES=0x00 SYN URGP=0
Sep 15 06:41:24 ubuntuOS kernel: [ 1223.876776] [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=176.67.84.17 DST=213.109.234.130 LEN=58 TOS=0x00 PREC=0x00 TTL=122 ID=7917 PROTO=UDP SPT=61585 DPT=6881 LEN=38
Sep 15 06:41:37 ubuntuOS kernel: [ 1237.119996] [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=185.76.147.123 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=61449 PROTO=TCP SPT=41688 DPT=3556 WINDOW=1024 RES=0x00 SYN URGP=0

Modified Block # 3:

username@ubuntuOS:/ProjectPath/DOCKER$ sudo systemctl start docker
[sudo] password for username:
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.
username@ubuntuOS:/ProjectPath/DOCKER$ sudo journalctl -xe
Sep 16 06:31:15 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=125.64.94.144 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=TCP SPT=48901 DPT=17988 WINDOW=65535 RES=0x00
Sep 16 06:31:23 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=193.27.229.54 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=54084 PROTO=TCP SPT=55154 DPT=47319 WINDOW=1024 RES=0x00 S
Sep 16 06:31:42 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=192.241.220.215 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=51354 DPT=443 WINDOW=65535 RES=0x00
Sep 16 06:32:08 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=193.27.229.54 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=55215 PROTO=TCP SPT=55154 DPT=30869 WINDOW=1024 RES=0x00 S
Sep 16 06:32:09 ubuntuOS sudo[12849]:    username : TTY=pts/5 ; PWD=/ProjectPath/DOCKER ; USER=root ; COMMAND=/bin/systemctl start docker
Sep 16 06:32:09 ubuntuOS sudo[12849]: pam_unix(sudo:session): session opened for user root by username(uid=0)
Sep 16 06:32:09 ubuntuOS systemd[1]: Starting LSB: Create lightweight, portable, self-sufficient containers....
-- Subject: Unit docker.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.service has begun starting up.
Sep 16 06:32:09 ubuntuOS docker[12852]:  * /usr/bin/dockerd not present or not executable
Sep 16 06:32:09 ubuntuOS sudo[12849]: pam_unix(sudo:session): session closed for user root
Sep 16 06:32:09 ubuntuOS systemd[1]: docker.service: Control process exited, code=exited status=1
Sep 16 06:32:09 ubuntuOS systemd[1]: docker.service: Failed with result 'exit-code'.
Sep 16 06:32:09 ubuntuOS systemd[1]: Failed to start LSB: Create lightweight, portable, self-sufficient containers..
-- Subject: Unit docker.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.service has failed.
--
-- The result is RESULT.
Sep 16 06:32:28 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=40.124.92.24 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=52505 PROTO=TCP SPT=53846 DPT=2375 WINDOW=1024 RES=0x00 SYN
Sep 16 06:32:29 ubuntuOS sudo[12904]:    username : TTY=pts/5 ; PWD=/ProjectPath/DOCKER ; USER=root ; COMMAND=/bin/journalctl -xe
Sep 16 06:32:29 ubuntuOS sudo[12904]: pam_unix(sudo:session): session opened for user root by username(uid=0)
-- Reboot --
Jan 25 17:55:16 ubuntuOS systemd-timedated[13988]: Changed local time to Wed Jan 25 17:55:16 2023
-- Subject: Time change
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- The system clock has been changed to 1674662116924753 microseconds after January 1st, 1970.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Anacron 2.3 started on 2023-01-25
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Daily apt download activities...
-- Subject: Unit apt-daily.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apt-daily.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Will run job `cron.daily' in 5 min.
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Message of the Day...
-- Subject: Unit motd-news.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit motd-news.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Will run job `cron.weekly' in 10 min.
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Clean php session files...
-- Subject: Unit phpsessionclean.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit phpsessionclean.service has begun starting up.
--
-- The result is RESULT.
Sep 16 06:32:28 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=40.124.92.24 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=52505 PROTO=TCP SPT=53846 DPT=2375 WINDOW=1024 RES=0x00 SYN
Sep 16 06:32:29 ubuntuOS sudo[12904]:    username : TTY=pts/5 ; PWD=/ProjectPath/DOCKER ; USER=root ; COMMAND=/bin/journalctl -xe
Sep 16 06:32:29 ubuntuOS sudo[12904]: pam_unix(sudo:session): session opened for user root by username(uid=0)
-- Reboot --
Jan 25 17:55:16 ubuntuOS systemd-timedated[13988]: Changed local time to Wed Jan 25 17:55:16 2023
-- Subject: Time change
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- The system clock has been changed to 1674662116924753 microseconds after January 1st, 1970.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Anacron 2.3 started on 2023-01-25
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Daily apt download activities...
-- Subject: Unit apt-daily.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apt-daily.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Will run job `cron.daily' in 5 min.
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Message of the Day...
-- Subject: Unit motd-news.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit motd-news.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Will run job `cron.weekly' in 10 min.
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Clean php session files...
-- Subject: Unit phpsessionclean.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit phpsessionclean.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Will run job `cron.monthly' in 15 min.
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Discard unused blocks...
-- Subject: Unit fstrim.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit fstrim.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Jobs will be executed sequentially
Jan 25 17:55:16 ubuntuOS systemd[1]: Started Run anacron jobs.
-- Subject: Unit anacron.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit anacron.service has finished starting up.
--
-- The start-up result is RESULT.
Jan 25 17:55:16 ubuntuOS systemd[1]: Started Message of the Day.
-- Subject: Unit motd-news.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit motd-news.service has finished starting up.

Thanks!

omhiaaxx

omhiaaxx1#

It is the permissions to this file: docker-compose.yml ?
ERROR: .PermissionError: [Errno 13] Permission denied: './docker-compose.yml'
I had an error similar with MySQL server and simply allowing permission to write to this file solved the issue.
Good luck!

相关问题