在openEuler release 20.03 (LTS)中执行docker-compose时，mariadb启动后提示permission denied

xiaoquqi · March 19, 2023, 8:21am

安装的容器版本(二进制方式直接绿色安装)：Docker version 19.03.15, build 99e3ed8
Mariadb启动yaml部分：

  mysql:
    image: mariadb:10.3.30
    ports:
      - '3306:3306'
    volumes:
      - ${PWD}/init:/docker-entrypoint-initdb.d
      - ${PWD}/data/mysql:/var/lib/mysql
      - ${PWD}/config/mariadb/my.cnf:/etc/mysql/my.cnf
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: password

容器启动后，自动退出，提示/docker-entrypoint-initdb.d目录permission denied，selinux已经关闭，该部分在CentOS 7环境下运行没有问题。

mywaaagh_admin · March 21, 2023, 2:42pm

可以简单调试一下：

docker run -it --rm  -v `pwd`/init:/docker-entrypoint-initdb.d mariadb:10.3.30  bash -c "ls -l / && whoami && cd /docker-entrypoint-initdb.d"

执行一下这个命令看看回显呢

xiaoquqi · March 23, 2023, 1:46am

[root@hypermotion-liuxun-openeuler production]# docker run -it --rm  -v `pwd`/init:/docker-entrypoint-initdb.d localhost:15000/hypermotion_dockers/mariadb:10.3.30  bash -c "ls -l / && whoami && cd /docker-entrypoint-initdb.d"
total 52
lrwxrwxrwx   1 root root    7 Jul 23  2021 bin -> usr/bin
drwxr-xr-x   2 root root 4096 Apr 15  2020 boot
drwxr-xr-x   5 root root  360 Mar 23 01:44 dev
drwx------   2 root root 4096 Mar 21 06:51 docker-entrypoint-initdb.d
lrwxrwxrwx   1 root root   34 Jul 27  2021 docker-entrypoint.sh -> usr/local/bin/docker-entrypoint.sh
drwxr-xr-x   1 root root 4096 Mar 23 01:44 etc
drwxr-xr-x   2 root root 4096 Apr 15  2020 home
lrwxrwxrwx   1 root root    7 Jul 23  2021 lib -> usr/lib
lrwxrwxrwx   1 root root    9 Jul 23  2021 lib32 -> usr/lib32
lrwxrwxrwx   1 root root    9 Jul 23  2021 lib64 -> usr/lib64
lrwxrwxrwx   1 root root   10 Jul 23  2021 libx32 -> usr/libx32
drwxr-xr-x   2 root root 4096 Jul 23  2021 media
drwxr-xr-x   2 root root 4096 Jul 23  2021 mnt
drwxr-xr-x   2 root root 4096 Jul 23  2021 opt
dr-xr-xr-x 316 root root    0 Mar 23 01:44 proc
drwx------   1 root root 4096 Jul 27  2021 root
drwxr-xr-x   1 root root 4096 Jul 27  2021 run
lrwxrwxrwx   1 root root    8 Jul 23  2021 sbin -> usr/sbin
drwxr-xr-x   2 root root 4096 Jul 23  2021 srv
dr-xr-xr-x  13 root root    0 Mar 23 01:43 sys
drwxrwxrwt   1 root root 4096 Jul 27  2021 tmp
drwxr-xr-x   1 root root 4096 Jul 23  2021 usr
drwxr-xr-x   1 root root 4096 Jul 23  2021 var
root

mywaaagh_admin · March 25, 2023, 2:14pm

可以看到docker-entrypoint-initdb.d的权限只有root用户可以访问

drwx------   2 root root 4096 Mar 21 06:51 docker-entrypoint-initdb.d

请检查容器是否是非root用户启动的

xiaoquqi · March 25, 2023, 11:49pm

您看到我上面给您的回复中，是root用户在执行命令

root@hypermotion-liuxun-openeuler production

mywaaagh_admin · March 27, 2023, 8:44am

这个说明是使用使用root执行了docker命令，但容器内的mysqld不一定是root用户运行的

还有一个方法，就是把init目录的权限改为755再试试