Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permission denied on temp config file in entrypoint #644

Open
razaqq opened this issue Sep 18, 2022 · 5 comments
Open

Permission denied on temp config file in entrypoint #644

razaqq opened this issue Sep 18, 2022 · 5 comments
Labels
influxdb

Comments

@razaqq
Copy link
Contributor

razaqq commented Sep 18, 2022

/entrypoint.sh: line 303: /tmp/config.yml: Permission denied and container restarts indefinitely
@powersj
Copy link
Contributor

powersj commented Sep 20, 2022

Hi,

Can you provide some more details, like what container image you are using? How you are launching that container? A docker file if applicable?

Thanks

@razaqq
Copy link
Contributor Author

razaqq commented Sep 20, 2022

has nothing to do with the compose file but here it is anyways
the temp file is being created with wrong permissions, set the permissions in the entrypoint or smth

version: '3'

services:
  influxdb:
    image: influxdb:latest
    container_name: influxdb
    ports:
      - 8086:8086
    volumes:
      - ./influxdb/data:/var/lib/influxdb2
      - ./influxdb/config:/etc/influxdb2
    environment:
      - DOCKER_INFLUXDB_INIT_MODE=setup
      - DOCKER_INFLUXDB_INIT_USERNAME=user
      - DOCKER_INFLUXDB_INIT_PASSWORD=pass
      - DOCKER_INFLUXDB_INIT_ORG=grafana
      - DOCKER_INFLUXDB_INIT_BUCKET=grafana
      - DOCKER_INFLUXDB_INIT_CLI_CONFIG_NAME=grafana
      - DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=token
      - INFLUXD_CONFIG_PATH=/etc/influxdb2
    restart: always

@powersj
Copy link
Contributor

powersj commented Sep 21, 2022

has nothing to do with the compose file but here it is anyways

This repo contains docker files for more than one product. Based on your initial post it was not entirely clear if it was about InfluxDB or a different product. Nor did you provide a way to reproduce.

If I run with the influxdb:latest docker image, influxdb starts up with no restarting. If I run with your env settings added, InfluxDB starts up as expected as well:

docker run -it --rm -p 8086:8086 --name influxdb --env DOCKER_INFLUXDB_INIT_MODE=setup --env DOCKER_INFLUXDB_INIT_USERNAME=user --env DOCKER_INFLUXDB_INIT_PASSWORD=password! --env DOCKER_INFLUXDB_INIT_ORG=grafana --env DOCKER_INFLUXDB_INIT_BUCKET=grafana --env DOCKER_INFLUXDB_INIT_CLI_CONFIG_NAME=grafana --env DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=token influxdb:latest
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
2022-09-21T13:45:44.872573491Z	info	booting influxd server in the background	{"system": "docker"}
2022-09-21T13:45:44.926775Z	info	Welcome to InfluxDB	{"log_id": "0d44b2sW000", "version": "v2.4.0", "commit": "de247bab08", "build_date": "2022-08-18T19:41:15Z", "log_level": "info"}
2022-09-21T13:45:44.926796Z	warn	nats-port argument is deprecated and unused	{"log_id": "0d44b2sW000"}
2022-09-21T13:45:44.930628Z	info	Resources opened	{"log_id": "0d44b2sW000", "service": "bolt", "path": "/var/lib/influxdb2/influxd.bolt"}
2022-09-21T13:45:44.930661Z	info	Resources opened	{"log_id": "0d44b2sW000", "service": "sqlite", "path": "/var/lib/influxdb2/influxd.sqlite"}
2022-09-21T13:45:44.932770Z	info	Bringing up metadata migrations	{"log_id": "0d44b2sW000", "service": "KV migrations", "migration_count": 20}
2022-09-21T13:45:45.119530Z	info	Bringing up metadata migrations	{"log_id": "0d44b2sW000", "service": "SQL migrations", "migration_count": 7}
2022-09-21T13:45:45.145449Z	info	Using data dir	{"log_id": "0d44b2sW000", "service": "storage-engine", "service": "store", "path": "/var/lib/influxdb2/engine/data"}
2022-09-21T13:45:45.145475Z	info	Compaction settings	{"log_id": "0d44b2sW000", "service": "storage-engine", "service": "store", "max_concurrent_compactions": 16, "throughput_bytes_per_second": 50331648, "throughput_bytes_per_second_burst": 50331648}
2022-09-21T13:45:45.145483Z	info	Open store (start)	{"log_id": "0d44b2sW000", "service": "storage-engine", "service": "store", "op_name": "tsdb_open", "op_event": "start"}
2022-09-21T13:45:45.145517Z	info	Open store (end)	{"log_id": "0d44b2sW000", "service": "storage-engine", "service": "store", "op_name": "tsdb_open", "op_event": "end", "op_elapsed": "0.035ms"}
2022-09-21T13:45:45.145531Z	info	Starting retention policy enforcement service	{"log_id": "0d44b2sW000", "service": "retention", "check_interval": "30m"}
2022-09-21T13:45:45.145537Z	info	Starting precreation service	{"log_id": "0d44b2sW000", "service": "shard-precreation", "check_interval": "10m", "advance_period": "30m"}
2022-09-21T13:45:45.145929Z	info	Starting query controller	{"log_id": "0d44b2sW000", "service": "storage-reads", "concurrency_quota": 1024, "initial_memory_bytes_quota_per_query": 9223372036854775807, "memory_bytes_quota_per_query": 9223372036854775807, "max_memory_bytes": 0, "queue_size": 1024}
2022-09-21T13:45:45.147014Z	info	Configuring InfluxQL statement executor (zeros indicate unlimited).	{"log_id": "0d44b2sW000", "max_select_point": 0, "max_select_series": 0, "max_select_buckets": 0}
2022-09-21T13:45:45.153822Z	info	Starting	{"log_id": "0d44b2sW000", "service": "telemetry", "interval": "8h"}
2022-09-21T13:45:45.154139Z	info	Listening	{"log_id": "0d44b2sW000", "service": "tcp-listener", "transport": "http", "addr": ":9999", "port": 9999}
2022-09-21T13:45:45.874486866Z	info	pinging influxd...	{"system": "docker", "ping_attempt": "0"}
2022-09-21T13:45:45.888892964Z	info	got response from influxd, proceeding	{"system": "docker", "total_pings": "1"}
User	Organization	Bucket
user	grafana		grafana
2022-09-21T13:45:45.973079287Z	info	Executing user-provided scripts	{"system": "docker", "script_dir": "/docker-entrypoint-initdb.d"}
2022-09-21T13:45:45.974292376Z	info	initialization complete, shutting down background influxd	{"system": "docker"}
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
2022-09-21T13:45:46.069897334Z	info	found existing boltdb file, skipping setup wrapper	{"system": "docker", "bolt_path": "/var/lib/influxdb2/influxd.bolt"}
2022-09-21T13:45:46.123898Z	info	Welcome to InfluxDB	{"log_id": "0d44b7Yl000", "version": "v2.4.0", "commit": "de247bab08", "build_date": "2022-08-18T19:41:15Z", "log_level": "info"}
2022-09-21T13:45:46.123937Z	warn	nats-port argument is deprecated and unused	{"log_id": "0d44b7Yl000"}
2022-09-21T13:45:46.130344Z	info	Resources opened	{"log_id": "0d44b7Yl000", "service": "bolt", "path": "/var/lib/influxdb2/influxd.bolt"}
2022-09-21T13:45:46.130381Z	info	Resources opened	{"log_id": "0d44b7Yl000", "service": "sqlite", "path": "/var/lib/influxdb2/influxd.sqlite"}
2022-09-21T13:45:46.135675Z	info	Checking InfluxDB metadata for prior version.	{"log_id": "0d44b7Yl000", "bolt_path": "/var/lib/influxdb2/influxd.bolt"}
2022-09-21T13:45:46.135735Z	info	Using data dir	{"log_id": "0d44b7Yl000", "service": "storage-engine", "service": "store", "path": "/var/lib/influxdb2/engine/data"}
2022-09-21T13:45:46.135751Z	info	Compaction settings	{"log_id": "0d44b7Yl000", "service": "storage-engine", "service": "store", "max_concurrent_compactions": 16, "throughput_bytes_per_second": 50331648, "throughput_bytes_per_second_burst": 50331648}
2022-09-21T13:45:46.135758Z	info	Open store (start)	{"log_id": "0d44b7Yl000", "service": "storage-engine", "service": "store", "op_name": "tsdb_open", "op_event": "start"}
2022-09-21T13:45:46.135806Z	info	Open store (end)	{"log_id": "0d44b7Yl000", "service": "storage-engine", "service": "store", "op_name": "tsdb_open", "op_event": "end", "op_elapsed": "0.048ms"}
2022-09-21T13:45:46.135823Z	info	Starting retention policy enforcement service	{"log_id": "0d44b7Yl000", "service": "retention", "check_interval": "30m"}
2022-09-21T13:45:46.135830Z	info	Starting precreation service	{"log_id": "0d44b7Yl000", "service": "shard-precreation", "check_interval": "10m", "advance_period": "30m"}
2022-09-21T13:45:46.136199Z	info	Starting query controller	{"log_id": "0d44b7Yl000", "service": "storage-reads", "concurrency_quota": 1024, "initial_memory_bytes_quota_per_query": 9223372036854775807, "memory_bytes_quota_per_query": 9223372036854775807, "max_memory_bytes": 0, "queue_size": 1024}
2022-09-21T13:45:46.137278Z	info	Configuring InfluxQL statement executor (zeros indicate unlimited).	{"log_id": "0d44b7Yl000", "max_select_point": 0, "max_select_series": 0, "max_select_buckets": 0}
2022-09-21T13:45:46.145620Z	info	Listening	{"log_id": "0d44b7Yl000", "service": "tcp-listener", "transport": "http", "addr": ":8086", "port": 8086}
2022-09-21T13:45:46.145641Z	info	Starting	{"log_id": "0d44b7Yl000", "service": "telemetry", "interval": "8h"}

The only things I am missing now are the two volumes you are mounting. Which makes me wonder what the permissions, user/groups are on those folders and if that is the cause. Do you see the same thing?

@holiman holiman mentioned this issue Oct 27, 2022
Closed
@razaqq
Copy link
Contributor Author

razaqq commented Sep 11, 2023
edited
Loading

has nothing to do with the compose file but here it is anyways

This repo contains docker files for more than one product. Based on your initial post it was not entirely clear if it was about InfluxDB or a different product. Nor did you provide a way to reproduce.

If I run with the influxdb:latest docker image, influxdb starts up with no restarting. If I run with your env settings added, InfluxDB starts up as expected as well:

docker run -it --rm -p 8086:8086 --name influxdb --env DOCKER_INFLUXDB_INIT_MODE=setup --env DOCKER_INFLUXDB_INIT_USERNAME=user --env DOCKER_INFLUXDB_INIT_PASSWORD=password! --env DOCKER_INFLUXDB_INIT_ORG=grafana --env DOCKER_INFLUXDB_INIT_BUCKET=grafana --env DOCKER_INFLUXDB_INIT_CLI_CONFIG_NAME=grafana --env DOCKER_INFLUXDB_INIT_ADMIN_TOKEN=token influxdb:latest
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
2022-09-21T13:45:44.872573491Z	info	booting influxd server in the background	{"system": "docker"}
2022-09-21T13:45:44.926775Z	info	Welcome to InfluxDB	{"log_id": "0d44b2sW000", "version": "v2.4.0", "commit": "de247bab08", "build_date": "2022-08-18T19:41:15Z", "log_level": "info"}
2022-09-21T13:45:44.926796Z	warn	nats-port argument is deprecated and unused	{"log_id": "0d44b2sW000"}
2022-09-21T13:45:44.930628Z	info	Resources opened	{"log_id": "0d44b2sW000", "service": "bolt", "path": "/var/lib/influxdb2/influxd.bolt"}
2022-09-21T13:45:44.930661Z	info	Resources opened	{"log_id": "0d44b2sW000", "service": "sqlite", "path": "/var/lib/influxdb2/influxd.sqlite"}
2022-09-21T13:45:44.932770Z	info	Bringing up metadata migrations	{"log_id": "0d44b2sW000", "service": "KV migrations", "migration_count": 20}
2022-09-21T13:45:45.119530Z	info	Bringing up metadata migrations	{"log_id": "0d44b2sW000", "service": "SQL migrations", "migration_count": 7}
2022-09-21T13:45:45.145449Z	info	Using data dir	{"log_id": "0d44b2sW000", "service": "storage-engine", "service": "store", "path": "/var/lib/influxdb2/engine/data"}
2022-09-21T13:45:45.145475Z	info	Compaction settings	{"log_id": "0d44b2sW000", "service": "storage-engine", "service": "store", "max_concurrent_compactions": 16, "throughput_bytes_per_second": 50331648, "throughput_bytes_per_second_burst": 50331648}
2022-09-21T13:45:45.145483Z	info	Open store (start)	{"log_id": "0d44b2sW000", "service": "storage-engine", "service": "store", "op_name": "tsdb_open", "op_event": "start"}
2022-09-21T13:45:45.145517Z	info	Open store (end)	{"log_id": "0d44b2sW000", "service": "storage-engine", "service": "store", "op_name": "tsdb_open", "op_event": "end", "op_elapsed": "0.035ms"}
2022-09-21T13:45:45.145531Z	info	Starting retention policy enforcement service	{"log_id": "0d44b2sW000", "service": "retention", "check_interval": "30m"}
2022-09-21T13:45:45.145537Z	info	Starting precreation service	{"log_id": "0d44b2sW000", "service": "shard-precreation", "check_interval": "10m", "advance_period": "30m"}
2022-09-21T13:45:45.145929Z	info	Starting query controller	{"log_id": "0d44b2sW000", "service": "storage-reads", "concurrency_quota": 1024, "initial_memory_bytes_quota_per_query": 9223372036854775807, "memory_bytes_quota_per_query": 9223372036854775807, "max_memory_bytes": 0, "queue_size": 1024}
2022-09-21T13:45:45.147014Z	info	Configuring InfluxQL statement executor (zeros indicate unlimited).	{"log_id": "0d44b2sW000", "max_select_point": 0, "max_select_series": 0, "max_select_buckets": 0}
2022-09-21T13:45:45.153822Z	info	Starting	{"log_id": "0d44b2sW000", "service": "telemetry", "interval": "8h"}
2022-09-21T13:45:45.154139Z	info	Listening	{"log_id": "0d44b2sW000", "service": "tcp-listener", "transport": "http", "addr": ":9999", "port": 9999}
2022-09-21T13:45:45.874486866Z	info	pinging influxd...	{"system": "docker", "ping_attempt": "0"}
2022-09-21T13:45:45.888892964Z	info	got response from influxd, proceeding	{"system": "docker", "total_pings": "1"}
User	Organization	Bucket
user	grafana		grafana
2022-09-21T13:45:45.973079287Z	info	Executing user-provided scripts	{"system": "docker", "script_dir": "/docker-entrypoint-initdb.d"}
2022-09-21T13:45:45.974292376Z	info	initialization complete, shutting down background influxd	{"system": "docker"}
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
Command "print-config" is deprecated, use the influx-cli command server-config to display the configuration values from the running server
2022-09-21T13:45:46.069897334Z	info	found existing boltdb file, skipping setup wrapper	{"system": "docker", "bolt_path": "/var/lib/influxdb2/influxd.bolt"}
2022-09-21T13:45:46.123898Z	info	Welcome to InfluxDB	{"log_id": "0d44b7Yl000", "version": "v2.4.0", "commit": "de247bab08", "build_date": "2022-08-18T19:41:15Z", "log_level": "info"}
2022-09-21T13:45:46.123937Z	warn	nats-port argument is deprecated and unused	{"log_id": "0d44b7Yl000"}
2022-09-21T13:45:46.130344Z	info	Resources opened	{"log_id": "0d44b7Yl000", "service": "bolt", "path": "/var/lib/influxdb2/influxd.bolt"}
2022-09-21T13:45:46.130381Z	info	Resources opened	{"log_id": "0d44b7Yl000", "service": "sqlite", "path": "/var/lib/influxdb2/influxd.sqlite"}
2022-09-21T13:45:46.135675Z	info	Checking InfluxDB metadata for prior version.	{"log_id": "0d44b7Yl000", "bolt_path": "/var/lib/influxdb2/influxd.bolt"}
2022-09-21T13:45:46.135735Z	info	Using data dir	{"log_id": "0d44b7Yl000", "service": "storage-engine", "service": "store", "path": "/var/lib/influxdb2/engine/data"}
2022-09-21T13:45:46.135751Z	info	Compaction settings	{"log_id": "0d44b7Yl000", "service": "storage-engine", "service": "store", "max_concurrent_compactions": 16, "throughput_bytes_per_second": 50331648, "throughput_bytes_per_second_burst": 50331648}
2022-09-21T13:45:46.135758Z	info	Open store (start)	{"log_id": "0d44b7Yl000", "service": "storage-engine", "service": "store", "op_name": "tsdb_open", "op_event": "start"}
2022-09-21T13:45:46.135806Z	info	Open store (end)	{"log_id": "0d44b7Yl000", "service": "storage-engine", "service": "store", "op_name": "tsdb_open", "op_event": "end", "op_elapsed": "0.048ms"}
2022-09-21T13:45:46.135823Z	info	Starting retention policy enforcement service	{"log_id": "0d44b7Yl000", "service": "retention", "check_interval": "30m"}
2022-09-21T13:45:46.135830Z	info	Starting precreation service	{"log_id": "0d44b7Yl000", "service": "shard-precreation", "check_interval": "10m", "advance_period": "30m"}
2022-09-21T13:45:46.136199Z	info	Starting query controller	{"log_id": "0d44b7Yl000", "service": "storage-reads", "concurrency_quota": 1024, "initial_memory_bytes_quota_per_query": 9223372036854775807, "memory_bytes_quota_per_query": 9223372036854775807, "max_memory_bytes": 0, "queue_size": 1024}
2022-09-21T13:45:46.137278Z	info	Configuring InfluxQL statement executor (zeros indicate unlimited).	{"log_id": "0d44b7Yl000", "max_select_point": 0, "max_select_series": 0, "max_select_buckets": 0}
2022-09-21T13:45:46.145620Z	info	Listening	{"log_id": "0d44b7Yl000", "service": "tcp-listener", "transport": "http", "addr": ":8086", "port": 8086}
2022-09-21T13:45:46.145641Z	info	Starting	{"log_id": "0d44b7Yl000", "service": "telemetry", "interval": "8h"}

The only things I am missing now are the two volumes you are mounting. Which makes me wonder what the permissions, user/groups are on those folders and if that is the cause. Do you see the same thing?

influxdb is creating tmp/config.yaml inside the container. how can the permissions be messed up? a year later this issue still exists...
how hard can it be to actually fix something in this repository?

@lencell
Copy link

lencell commented Jul 16, 2024

Hello,

I don't know if anyone still follows this issue but I think I ran into the same problem today while trying to deploy influxdb's container(influxdb:2 to be exact) and toying with the settings.
InfluxDB initialize and at the end it fails with the following:

[...]
2024-07-16T12:55:23.145008598Z  info    Executing user-provided scripts {"system": "docker", "script_dir": "/docker-entrypoint-initdb.d"}
2024-07-16T12:55:23.147739393Z  info    initialization complete, shutting down background influxd       {"system": "docker"}
tee: /tmp/config.json: Permission denied
{
  "metrics-disabled": true,
  "http-bind-address": ":9999"
}
2024-07-16T12:55:23.387953625Z  warn    cleaning bolt and engine files to prevent conflicts on retry    {"system": "docker", "bolt_path": "/var/lib/influxdb2/influxd.bolt", "engine_path": "/var/lib/influxdb2/engine"}

It looks like this happens when both a volume containing a config.{toml,yml,yaml,json} file is passed to the container and DOCKER_INFLUXDB_INIT_MODE=setup is used
From what I observed it happens regardless of whether the config file is empty or not(but the error is different if the file is empty), here is how I can reliably generate the error:

rm -rf /opt/influx/conf
mkdir -p /opt/influx/conf
cat > /opt/influx/env <<EOF
DOCKER_INFLUXDB_INIT_MODE=setup
DOCKER_INFLUXDB_INIT_USERNAME=someusername
DOCKER_INFLUXDB_INIT_PASSWORD=somepassword
DOCKER_INFLUXDB_INIT_ORG=someorg
DOCKER_INFLUXDB_INIT_BUCKET=somebucket
EOF
echo -e "---\nmetrics-disabled: true" > /opt/influx/conf/config.yaml
docker run --env-file /opt/influx/env -v /opt/influx/conf:/etc/influxdb2 -d -p 8086:8086 influxdb:2

I digged a bit in the container and to me it looks like the error is generated in the init_influxd function of the entrypoint.sh file, specifically here for the error generated above

Hope this helps.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
influxdb
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Hipska @razaqq @powersj @lencell