2017-04-03 38 views
1

ドッカー実行コマンドをrootユーザーとして実行しようとしています。しかし、特権に関連したエラーが出ています。ドッカー実行の実行時にエラーが発生しました

これを解決するために何を調べる必要があるかについて、誰でも正しい方向に導くことができますか?それは、私のチームの人たちが困惑しています。私たちは他のボックスや画像をローカルで問題なく実行できるので、間違いなく画像ではないことが分かります。 CentOSのオン

おかげ

docker run -it -p 8091:8081 999999999.dkr.ecr.ap-southeast-2.amazonaws.com/999999999.dkr.ecr.ap-southeast-2.amazonaws.com/node-xref-api-v2 
panic: standard_init_linux.go:178: exec user process caused "permission denied" [recovered] 
    panic: standard_init_linux.go:178: exec user process caused "permission denied" 

goroutine 1 [running, locked to thread]: 
panic(0x6f3000, 0xc42012ee70) 
    /usr/lib/golang/src/runtime/panic.go:500 +0x1a1 
github.com/urfave/cli.HandleAction.func1(0xc42007f748) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:478 +0x247 
panic(0x6f3000, 0xc42012ee70) 
    /usr/lib/golang/src/runtime/panic.go:458 +0x243 
github.com/opencontainers/runc/libcontainer.(*LinuxFactory).StartInitialization.func1(0xc42007f198, 0xc42001e0b0, 0xc42007f238) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/factory_linux.go:259 +0x18f 
github.com/opencontainers/runc/libcontainer.(*LinuxFactory).StartInitialization(0xc42004e8c0, 0xaac9c0, 0xc42012ee70) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/factory_linux.go:277 +0x353 
main.glob..func8(0xc420082780, 0x0, 0x0) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/main_unix.go:26 +0x66 
reflect.Value.call(0x6ddd80, 0x769ce8, 0x13, 0x73c1c9, 0x4, 0xc42007f708, 0x1, 0x1, 0x4d17a8, 0x732020, ...) 
    /usr/lib/golang/src/reflect/value.go:434 +0x5c8 
reflect.Value.Call(0x6ddd80, 0x769ce8, 0x13, 0xc42007f708, 0x1, 0x1, 0xac2700, 0xc42007f6e8, 0x4da786) 
    /usr/lib/golang/src/reflect/value.go:302 +0xa4 
github.com/urfave/cli.HandleAction(0x6ddd80, 0x769ce8, 0xc420082780, 0x0, 0x0) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:487 +0x1e0 
github.com/urfave/cli.Command.Run(0x73c395, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74d9d9, 0x51, 0x0, ...) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/command.go:191 +0xc3b 
github.com/urfave/cli.(*App).Run(0xc4200c6000, 0xc42000c120, 0x2, 0x2, 0x0, 0x0) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:240 +0x611 
main.main() 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/main.go:137 +0xbd6 
[[email protected] ~]# ^C 
[[email protected] ~]# sudo docker run -it -p 8091:8081 231827969312.dkr.ecr.ap-southeast-2.amazonaws.com/231827969312.dkr.ecr.ap-southeast-2.amazonaws.com/node-xref-api-v2 
panic: standard_init_linux.go:178: exec user process caused "permission denied" [recovered] 
    panic: standard_init_linux.go:178: exec user process caused "permission denied" 

goroutine 1 [running, locked to thread]: 
panic(0x6f3000, 0xc42011ce70) 
    /usr/lib/golang/src/runtime/panic.go:500 +0x1a1 
github.com/urfave/cli.HandleAction.func1(0xc42007f748) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:478 +0x247 
panic(0x6f3000, 0xc42011ce70) 
    /usr/lib/golang/src/runtime/panic.go:458 +0x243 
github.com/opencontainers/runc/libcontainer.(*LinuxFactory).StartInitialization.func1(0xc42007f198, 0xc42001e0c8, 0xc42007f238) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/factory_linux.go:259 +0x18f 
github.com/opencontainers/runc/libcontainer.(*LinuxFactory).StartInitialization(0xc42004f590, 0xaac9c0, 0xc42011ce70) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/opencontainers/runc/libcontainer/factory_linux.go:277 +0x353 
main.glob..func8(0xc420082a00, 0x0, 0x0) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/main_unix.go:26 +0x66 
reflect.Value.call(0x6ddd80, 0x769ce8, 0x13, 0x73c1c9, 0x4, 0xc42007f708, 0x1, 0x1, 0x4d17a8, 0x732020, ...) 
    /usr/lib/golang/src/reflect/value.go:434 +0x5c8 
reflect.Value.Call(0x6ddd80, 0x769ce8, 0x13, 0xc42007f708, 0x1, 0x1, 0xac2700, 0xc42007f6e8, 0x4da786) 
    /usr/lib/golang/src/reflect/value.go:302 +0xa4 
github.com/urfave/cli.HandleAction(0x6ddd80, 0x769ce8, 0xc420082a00, 0x0, 0x0) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:487 +0x1e0 
github.com/urfave/cli.Command.Run(0x73c395, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74d9d9, 0x51, 0x0, ...) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/command.go:191 +0xc3b 
github.com/urfave/cli.(*App).Run(0xc4200a0000, 0xc42000c120, 0x2, 0x2, 0x0, 0x0) 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/Godeps/_workspace/src/github.com/urfave/cli/app.go:240 +0x611 
main.main() 
    /builddir/build/BUILD/docker-96d83a5ff6ec0eb9bb7b45192c3048fd3aef5e21/runc-81b254244390bc636b20c87c34a3d9e1a8645069/main.go:137 +0xbd6 
+0

何ホストOS permissiveモードにSELinuxを設定することで、一時的にそれを修正しました?いCentosウィルSelinux ?? – opHASnoNAME

+0

こんにちは。ホストはCentOSです – Richie

答えて

3

私 "は/ varが" 実行権限なしに実装したとき、私はこのエラーを得ました。

可能であれば、EXEC権限でそれを再マウントしよう:

mount /var/ -o remount,exec 

とドッカーエンジンを再起動します。

systemctl restart docker.service 

これがうまくいく場合は、fstabsを調整し、あなたの助けのためのnoexec

関連する問題