You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Getting an error during Storage directory creation when deploying container to IBM's OpenShift service.
chown: changing ownership of '/var/www/html/storage/app/public': Operation not permitted
chown: changing ownership of '/var/www/html/storage/app': Operation not permitted
chown: changing ownership of '/var/www/html/storage/framework/cache': Operation not permitted
chown: changing ownership of '/var/www/html/storage/framework/sessions': Operation not permitted
chown: changing ownership of '/var/www/html/storage/framework/views': Operation not permitted
chown: changing ownership of '/var/www/html/storage/framework': Operation not permitted
chown: changing ownership of '/var/www/html/storage/logs': Operation not permitted
chown: changing ownership of '/var/www/html/storage': Operation not permitted
OpenShift uses additional security constraints when running a container. Unlike Docker or Kubernetes, OpenShift does not run containers using the root user. Per RedHat:
By default, OpenShift Container Platform runs containers using an arbitrarily assigned user ID. This provides additional security against processes escaping the container due to a container engine vulnerability and thereby achieving escalated permissions on the host node.
For an image to support running as an arbitrary user, directories and files that may be written to by processes in the image should be owned by the root group and be read/writable by that group. Files to be executed should also have group execute permissions.
When I look at the Dockerfiles, I see that it builds an image, then runs .sh's further building stuff inside the container. Was wondering if it was possible to build out the directory hierarchy and structure before building the container... pushing all the shell scripts into the Dockerfile to avoid having root issues inside the container?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi everyone!
Getting an error during Storage directory creation when deploying container to IBM's OpenShift service.
OpenShift uses additional security constraints when running a container. Unlike Docker or Kubernetes, OpenShift does not run containers using the root user. Per RedHat:
When I look at the Dockerfiles, I see that it builds an image, then runs .sh's further building stuff inside the container. Was wondering if it was possible to build out the directory hierarchy and structure before building the container... pushing all the shell scripts into the Dockerfile to avoid having root issues inside the container?
Beta Was this translation helpful? Give feedback.
All reactions