Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test with -w in docker-entrypoint.sh gives error #72

Closed
huggla opened this issue Nov 27, 2023 · 13 comments
Closed

Test with -w in docker-entrypoint.sh gives error #72

huggla opened this issue Nov 27, 2023 · 13 comments

Comments

@huggla
Copy link

huggla commented Nov 27, 2023

I've had this problem with some Alpine images before and the fix is to upgrade Docker to version 20(.something) or newer. The files tested are writable, it's the test itself that fails. Images prior to 3.34 worked fine. Our Hosts are running Docker 18.06.3 and can not be upgraded.
@dmarteau
Copy link
Member

What error ?

@huggla
Copy link
Author

huggla commented Nov 28, 2023

What error ?

2023-11-28 13:08:23Running as 9001:9001
2023-11-28 13:08:23ERROR: /home/qgis must be writable for user:group 9001:9001
2023-11-28 13:08:23ERROR: You should consider the '--user' Docker option

@dmarteau
Copy link
Member

This error is rather self explanatory: use the user docker option or set the QGSRV_USER to your :

@huggla
Copy link
Author

huggla commented Nov 29, 2023
edited
Loading

Setting user to 9001:9001 doesn't change the error. /home/qgis is writable by all users. This is a problem with if [[ ! -w $HOME ]], it returns the wrong exitcode. If I start the image with entrypoint /bin/sh and run the following code I should get exitcode 0, but get 1 (even if I change user to root):

$ [ -w /tmp ]; echo $?
1

$ ls -la /tmp
total 0
drwxrwxrwt 1 root root 40 Nov  7 18:00 .
drwxr-xr-x 1 root root 60 Nov 29 09:03 ..
drwxr-xr-x 3 root root 60 Nov  6 04:16 .cache
drwx------ 2 root root 40 Nov  6 04:16 crssync-QisbHN
drwx------ 2 root root 40 Nov  6 04:16 crssync-gUwQDV

Here is where this was discussed in Alpine:
alpinelinux/docker-alpine#156

@huggla
Copy link
Author

huggla commented Nov 29, 2023

Tests with [ -r ] doesn't seem to work either but most other file tests (-e, -f, -d, etc.) works. Could you make an alternative docker-entrypoint.sh without the troublesome -w and -r tests?

@dmarteau
Copy link
Member

Setting user to 9001:9001 doesn't change the erro

You missed the point: do not set user to 9001:9001 but set it to the actuel uid:gid of your actual binded directory !

Setting directory root will not work: for security reason the image will not start

Your problem come from the fact the /home/qgis is not writable by the user that run in the container.

You may either:

  • Set user option to the actual uid:gid of the binded directory (on the host)
  • Set container env var QGSRV_USER to uid:gid of the binded directory (on the host)
  • Do not bind /home/qgis except if you really want to make Qgis settings persistent wich is not recommended in the context
    of a server - (furthemore, you way use the QGIS_OPTIONS_PATH enviironment variable)

Do not use root !

@huggla
Copy link
Author

huggla commented Nov 29, 2023

I havn't binded /home/qgis. Pure image, no mounts.

@huggla
Copy link
Author

huggla commented Nov 29, 2023

I did not try to run the image as root. I was just confirming that the write permission test [ ! -w ] fails even if I'm a superuser (root).

@dmarteau
Copy link
Member

dmarteau commented Nov 29, 2023
edited
Loading

I havn't binded /home/qgis. Pure image, no mounts.

I don't understand your issue then, the /home/qgis is created at image build with correct uid/gid and has no issue so far.

Please give more details about your environment and the command used to run the image.

@huggla
Copy link
Author

huggla commented Nov 29, 2023

As I said, this is only a problem if running on a host with a docker engine older than 20.10.0.

I copied your image and removed the problematic tests from docker-entrypoint.sh:
https://github.com/Kristianstad/qgis-map-server/pkgs/container/qgis-map-server

With this image I got further, but ended up with another error:

2023-11-29 12:44:53QGSRV_CACHE_ROOTDIR set to /qgis-data
2023-11-29 12:44:53Running as 9001:9001
2023-11-29 12:44:53Running Xvfb
2023-11-29 12:44:53nohup: appending output to '/home/qgis/nohup.out'
2023-11-29 12:44:54OpenBLAS blas_thread_init: pthread_create failed for thread 1 of 6: Operation not permitted
2023-11-29 12:44:54OpenBLAS blas_thread_init: RLIMIT_NPROC 160435 current, 160435 max
2023-11-29 12:44:54OpenBLAS blas_thread_init: pthread_create failed for thread 2 of 6: Operation not permitted
2023-11-29 12:44:54OpenBLAS blas_thread_init: RLIMIT_NPROC 160435 current, 160435 max
2023-11-29 12:44:54OpenBLAS blas_thread_init: pthread_create failed for thread 3 of 6: Operation not permitted
2023-11-29 12:44:54OpenBLAS blas_thread_init: RLIMIT_NPROC 160435 current, 160435 max
2023-11-29 12:44:54OpenBLAS blas_thread_init: pthread_create failed for thread 4 of 6: Operation not permitted
2023-11-29 12:44:54OpenBLAS blas_thread_init: RLIMIT_NPROC 160435 current, 160435 max
2023-11-29 12:44:54OpenBLAS blas_thread_init: pthread_create failed for thread 5 of 6: Operation not permitted
2023-11-29 12:44:54OpenBLAS blas_thread_init: RLIMIT_NPROC 160435 current, 160435 max
2023-11-29 12:44:54Traceback (most recent call last):
2023-11-29 12:44:54  File "/usr/local/bin/qgisserver", line 5, in <module>
2023-11-29 12:44:54    from pyqgisserver.server import main
2023-11-29 12:44:54  File "/opt/local/pyqgisserver/lib/python3.10/site-packages/pyqgisserver/server.py", line 23, in <module>
2023-11-29 12:44:54    from .runtime import run_server
2023-11-29 12:44:54  File "/opt/local/pyqgisserver/lib/python3.10/site-packages/pyqgisserver/runtime.py", line 34, in <module>
2023-11-29 12:44:54    from .qgspool import create_poolserver
2023-11-29 12:44:54  File "/opt/local/pyqgisserver/lib/python3.10/site-packages/pyqgisserver/qgspool.py", line 30, in <module>
2023-11-29 12:44:54    from .qgsworker import QgsRequestHandler
2023-11-29 12:44:54  File "/opt/local/pyqgisserver/lib/python3.10/site-packages/pyqgisserver/qgsworker.py", line 31, in <module>
2023-11-29 12:44:54    from qgis.core import QgsProject
2023-11-29 12:44:54  File "/usr/lib/python3/dist-packages/qgis/__init__.py", line 86, in <module>
2023-11-29 12:44:54    import qgis.gui
2023-11-29 12:44:54  File "/usr/lib/python3/dist-packages/qgis/gui/__init__.py", line 25, in <module>
2023-11-29 12:44:54    from qgis._gui import *
2023-11-29 12:44:54  File "<frozen importlib._bootstrap>", line 1022, in _find_and_load
2023-11-29 12:44:54KeyboardInterrupt

I guess I simply can't run your image on our old hosts anymore (up until 3.30 worked fine).

@huggla
Copy link
Author

huggla commented Nov 29, 2023

Tried the image on a newer host, running docker 23.0.6, and it worked.

@dmarteau
Copy link
Member

dmarteau commented Nov 29, 2023
edited
Loading

Docker 18 is known te be incompatible with new distros: see https://medium.com/nttlabs/ubuntu-21-10-and-fedora-35-do-not-work-on-docker-20-10-9-1cd439d9921 and HumanSignal/label-studio#3070 (ubuntu 22,04 and bookworm included).

You may try to rebuild the image using debian:bullseye as base image instead ubuntu:22.04 or bookworm

@huggla
Copy link
Author

huggla commented Nov 29, 2023

Ok, thanks.

@huggla huggla closed this as completed Nov 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dmarteau @huggla