From 3b4d8bff86147e69cdcebe4c5219fc7f5b4ae1bc Mon Sep 17 00:00:00 2001 From: Gari Singh Date: Sat, 30 Sep 2017 05:30:51 -0400 Subject: [PATCH] FAB-5700 Couchdb crashes with mounted volume The CouchDB image has a volume at /opt/couchdb/data which it uses to store it's persistent data. If you try to attach an external volume for this and either the host path does not exist or the permissions for the host path are incorrect, CouchDB will crash and the container will fail to start. This comes down to a permissions issue coupled with "helpful" behavior from the Docker daemon. The issue is that if the host path does not exist, the Docker daemon will create the host path but will create it under the same user as the daemon is running (which is typically root). The current Dockerfile then changes the user to couchdb but now which then runs all subsequent commands as couchdb. Although a volume is created after this, permissions are not / cannot be properly set. So this fix removes the use of the USER command in the Dockerfile, changes ownership of the volume in the docker-entrypoint script and then finally uses su-exec to start CouchDB as the couchdb user Change-Id: If8ac0e34b13d447d68b99408cebcfbf93d257c0f Signed-off-by: Gari Singh --- images/couchdb/Dockerfile.in | 2 -- images/couchdb/docker-entrypoint.sh | 4 +++- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/images/couchdb/Dockerfile.in b/images/couchdb/Dockerfile.in index f563b9fdc10..96a82d08bf9 100644 --- a/images/couchdb/Dockerfile.in +++ b/images/couchdb/Dockerfile.in @@ -74,8 +74,6 @@ RUN chmod +x /docker-entrypoint.sh \ WORKDIR /opt/couchdb EXPOSE 5984 4369 9100 -USER couchdb - VOLUME ["/opt/couchdb/data"] ENTRYPOINT ["tini", "--", "/docker-entrypoint.sh"] diff --git a/images/couchdb/docker-entrypoint.sh b/images/couchdb/docker-entrypoint.sh index 37f88a62593..64766c8fc81 100755 --- a/images/couchdb/docker-entrypoint.sh +++ b/images/couchdb/docker-entrypoint.sh @@ -44,4 +44,6 @@ if [ "$1" = '/opt/couchdb/bin/couchdb' ]; then sleep 1 fi -exec "$@" +chown -R couchdb:couchdb /opt/couchdb/data + +su-exec couchdb "$@"