You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@jena.apache.org by Martynas Jusevičius <ma...@atomgraph.com> on 2021/09/09 22:42:54 UTC
jena-fuseki-docker: java.io.IOException: Permission denied
Hi,
I've replaced our own Fuseki Docker setup with the one from
jena-fuseki-docker. The files are here:
https://github.com/AtomGraph/fuseki-docker/tree/official-dockerfile
However when I build the image and use it in an existing
docker-compose setup, I get the error "java.io.IOException: Permission
denied" and Fuseki container quits.
Any idea on how I should start debugging this? I suspect this has to
do with missing permissions for the non-privileged user.
I tried rootLogger.level = DEBUG in log4j2.properties, but that did
not print any more output.
Martynas
Re: jena-fuseki-docker: java.io.IOException: Permission denied
Posted by Martynas Jusevičius <ma...@atomgraph.com>.
So apparently there is "no way to set the UID and GID as a mount
option in Docker".
https://stackoverflow.com/questions/30140911/can-i-control-the-owner-of-a-bind-mounted-volume-in-a-docker-image/30141637
Which makes a portable setup with mounted folders while running the
container as a non-root user complicated.
If anyone has (portable) workarounds, I'd be interested to hear them.
On Sat, Sep 11, 2021 at 12:04 AM Martynas Jusevičius
<ma...@atomgraph.com> wrote:
>
> My mistake: I hadn't changed the tbd:location path and also mounted a
> different folder than /fuseki/databases.
>
> But that doesn't solve the problem still because apparently the
> mounted folder gets permissions from the host filesystem and is
> therefore owned by root, and the fuseki user does not have access to
> it.
> If I don't mount the folder, the container starts fine and I see that
> /fuseki/databases is owned by fuseki.
>
> I see chown -R fuseki ${FUSEKI_DIR} in the Dockerfile but that does
> not seem to help. I guess I need to dive into StackOverflow.
>
> On Fri, Sep 10, 2021 at 12:42 AM Martynas Jusevičius
> <ma...@atomgraph.com> wrote:
> >
> > Hi,
> >
> > I've replaced our own Fuseki Docker setup with the one from
> > jena-fuseki-docker. The files are here:
> > https://github.com/AtomGraph/fuseki-docker/tree/official-dockerfile
> >
> > However when I build the image and use it in an existing
> > docker-compose setup, I get the error "java.io.IOException: Permission
> > denied" and Fuseki container quits.
> >
> > Any idea on how I should start debugging this? I suspect this has to
> > do with missing permissions for the non-privileged user.
> > I tried rootLogger.level = DEBUG in log4j2.properties, but that did
> > not print any more output.
> >
> > Martynas
Re: jena-fuseki-docker: java.io.IOException: Permission denied
Posted by Martynas Jusevičius <ma...@atomgraph.com>.
My mistake: I hadn't changed the tbd:location path and also mounted a
different folder than /fuseki/databases.
But that doesn't solve the problem still because apparently the
mounted folder gets permissions from the host filesystem and is
therefore owned by root, and the fuseki user does not have access to
it.
If I don't mount the folder, the container starts fine and I see that
/fuseki/databases is owned by fuseki.
I see chown -R fuseki ${FUSEKI_DIR} in the Dockerfile but that does
not seem to help. I guess I need to dive into StackOverflow.
On Fri, Sep 10, 2021 at 12:42 AM Martynas Jusevičius
<ma...@atomgraph.com> wrote:
>
> Hi,
>
> I've replaced our own Fuseki Docker setup with the one from
> jena-fuseki-docker. The files are here:
> https://github.com/AtomGraph/fuseki-docker/tree/official-dockerfile
>
> However when I build the image and use it in an existing
> docker-compose setup, I get the error "java.io.IOException: Permission
> denied" and Fuseki container quits.
>
> Any idea on how I should start debugging this? I suspect this has to
> do with missing permissions for the non-privileged user.
> I tried rootLogger.level = DEBUG in log4j2.properties, but that did
> not print any more output.
>
> Martynas