
Re: Operation not permitted



By default OpenShift will run you as a high uid (not a non-root user).
You can add the service account to the "nonroot" security context to
get the ability to run as the couchdb user (although if the container
doesn't set the USER directive you will still get assigned a UID):

    oadm policy add-scc-to-user nonroot -z default

You may have to edit the pod template in the DC to set an explicit
user (whatever the UID for couchdb is under
container.securityContext.runAsUser=UID).

On Mon, Feb 15, 2016 at 6:34 AM, Candide Kemmler
<candide intrinsic world> wrote:
> I get a bunch of "Operation not permitted" errors as I am trying to deploy a
> docker container from docker.io:
>
> chown: changing ownership of '/usr/local/var/lib/couchdb/lost+found': Operation not permitted
> chown: changing ownership of '/usr/local/var/lib/couchdb': Operation not permitted
> chown: changing ownership of '/usr/local/var/log/couchdb': Operation not permitted
> chown: changing ownership of '/usr/local/var/run/couchdb': Operation not permitted
> chown: changing ownership of '/usr/local/etc/couchdb/default.ini': Operation not permitted
> chown: changing ownership of '/usr/local/etc/couchdb/local.d': Operation not permitted
> chown: changing ownership of '/usr/local/etc/couchdb/local.ini': Operation not permitted
> chown: changing ownership of '/usr/local/etc/couchdb/default.d': Operation not permitted
> chown: changing ownership of '/usr/local/etc/couchdb': Operation not permitted
>
> The Dockerfile indeed has instructions to change the permissions inside of
> the container:
>
> [...]
>
> && chown -R couchdb:couchdb \
> /usr/local/lib/couchdb /usr/local/etc/couchdb \
> /usr/local/var/lib/couchdb /usr/local/var/log/couchdb /usr/local/var/run/couchdb \
> && chmod -R g+rw \
> /usr/local/lib/couchdb /usr/local/etc/couchdb \
> /usr/local/var/lib/couchdb /usr/local/var/log/couchdb /usr/local/var/run/couchdb \
>
> [...]
>
> Note that selinux is disabled on my cluster's machines.
>
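
An added illustration of the pod template edit described in the reply above; it is not part of the original thread. The DC name, container name, image reference and the UID value are placeholders.

```yaml
# Added example, not from the thread: where runAsUser sits in a DeploymentConfig.
apiVersion: v1
kind: DeploymentConfig
metadata:
  name: couchdb                     # hypothetical DC name
spec:
  replicas: 1
  selector:
    app: couchdb
  template:                         # the "pod template in the DC"
    metadata:
      labels:
        app: couchdb
    spec:
      # The service account granted the SCC by
      # "oadm policy add-scc-to-user nonroot -z default".
      serviceAccountName: default
      containers:
      - name: couchdb               # hypothetical container name
        image: <couchdb-image>      # placeholder image reference
        securityContext:
          # Placeholder value: replace with the numeric UID of the couchdb
          # user inside the image. It has to be non-zero under the
          # "nonroot" SCC, which refuses UID 0.
          runAsUser: 1000
```

The setting is per container, so each container in the pod that needs the couchdb UID carries its own `securityContext` entry.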

