'Permission denied' error for standalone-full.xml while creating custom image from official jboss/wildfly image
我正在努力构建一个从官方jboss/wildfly图像派生的自定义图像。
如果我只添加.war文件并运行它,它会很好地工作,但是当我尝试添加自定义的standalone-full.xml文件时会出现问题。
这是我的文件:
FROM jboss/wildfly:10.1.0.Final
COPY standalone-full.xml
/opt/jboss/wildfly/standalone/configuration/standalone-full.xmlCOPY sample.war /opt/jboss/wildfly/standalone/deployments/
CMD ["/opt/jboss/wildfly/bin/standalone.sh","-c",
"standalone-full.xml","-b","0.0.0.0","-bmanagement","0.0.0.0"]
这是我的源目录:
链接到源目录中ls-la命令的屏幕截图
按照建议,我已经授予了755对standalone-full.xml文件的权限。
但是,使用以下命令生成图像后:
docker build -t sample-app .
运行图像如下:
docker run -it -p 8080:8080 -p 80:80 -p 443:443 sample-app
我收到以下错误:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | 13:18:06,274 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-1) MSC000001: Failed to start service jboss.undertow.listener.default: org.jboss.msc.service.StartException in service jboss.undertow.listener.default: WFLYUT0082: Could not start 'default' listener. at org.wildfly.extension.undertow.ListenerService.start(ListenerService.java:153) at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948) at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:748) Caused by: java.net.SocketException: Permission denied at sun.nio.ch.Net.bind0(Native Method) at sun.nio.ch.Net.bind(Net.java:433) at sun.nio.ch.Net.bind(Net.java:425) at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:223) at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:74) at org.xnio.nio.NioXnioWorker.createTcpConnectionServer(NioXnioWorker.java:190) at org.xnio.XnioWorker.createStreamConnectionServer(XnioWorker.java:243) at org.wildfly.extension.undertow.HttpListenerService.startListening(HttpListenerService.java:126) at org.wildfly.extension.undertow.ListenerService.start(ListenerService.java:142) |
我进入运行容器查看独立文件的文件权限:
链接到容器的/opt/jboss/wildfly/standalone/configuration/directory中ls-la命令的屏幕截图
如果在运行cmd指令之前将用户更改为root,我就可以使应用程序运行,但我认为这不是一个好的实践:
FROM jboss/wildfly:10.1.0.Final
COPY standalone-full.xml
/opt/jboss/wildfly/standalone/configuration/standalone-full.xmlCOPY sample.war /opt/jboss/wildfly/standalone/deployments/
USER root
CMD ["/opt/jboss/wildfly/bin/standalone.sh","-c",
"standalone-full.xml","-b","0.0.0.0","-bmanagement","0.0.0.0"]
如何正确设置独立文件的权限,以便使用"jboss"用户运行应用程序?
我还尝试更改dockerfile中的权限,如下所示以匹配其他文件的权限:
FROM jboss/wildfly:10.1.0.Final
USER root
COPY standalone-full.xml
/opt/jboss/wildfly/standalone/configuration/standalone-full.xmlRUN chown jboss:root /opt/jboss/wildfly/standalone/configuration/standalone-full.xml
USER jboss
COPY sample.war /opt/jboss/wildfly/standalone/deployments/
CMD ["/opt/jboss/wildfly/bin/standalone.sh","-c",
"standalone-full.xml","-b","0.0.0.0","-bmanagement","0.0.0.0"]
但是,权限没有被应用,我仍然得到相同的错误。有人能给我指出我犯错误的正确方向吗?
我使用的是Docker版本17.06.0-ce和Overlay2存储驱动程序
您已将WildFly实例配置为侦听TCP/IP端口号<1024。
端口80和443。
通常只有根用户有权在任何基于UNIX的操作系统上执行此操作,包括Linux。