Docker EACCES permission denied mkdir
My friend gave me a project with a dockerfile which seems to work just fine for him but I get a permission error.
FROM node:alpine
RUN mkdir -p /usr/src/node-app && chown -R node:node /usr/src/node-app
WORKDIR /usr/src/node-app
COPY package.json yarn.lock ./
COPY ./api/package.json ./api/
COPY ./iso/package.json ./iso/
USER node
RUN yarn install --pure-lockfile
COPY --chown=node:node . .
EXPOSE 3000
error An unexpected error occurred: "EACCES: permission denied, mkdir '/usr/src/node-app/node_modules/<project_name>/api/node_modules'".
Could it be a docker version error?
COPY normally copies things into the image owned by root, and it will create directories inside the image if they don't exist. In particular, when you COPY ./api/package.json ./api/, it creates the api subdirectory owned by root, and when you later try to run yarn install, it can't create the node_modules subdirectory because you've switched users.
I'd recommend copying files into the container and running the build process as root. Don't chown anything; leave all of these files owned by root. Switch to an alternate USER only at the very end of the Dockerfile, where you declare the CMD. This means that the non-root user running the container won't be able to modify the code or libraries in the container, intentionally or otherwise, which is a generally good security practice.
FROM node:alpine
# Don't RUN mkdir; WORKDIR creates the directory if it doesn't exist
WORKDIR /usr/src/node-app
# All of these files and directories are owned by root
COPY package.json yarn.lock ./
COPY ./api/package.json ./api/
COPY ./iso/package.json ./iso/
# Run this installation command still as root
RUN yarn install --pure-lockfile
# Copy in the rest of the application, still as root
COPY . .
# RUN yarn build
# Declare how to run the container -- _now_ switch to a non-root user
EXPOSE 3000
USER node
CMD yarn start
- Docker Compose prompted error: no configuration file provided: not found
- Docker start privileged?
- Gilab CI: load ssh key from environment variable
- Docker build "Could not resolve 'archive.ubuntu.com'" apt-get fails to install anything
- PostgreSQL database not connecting to spring-boot application
- how to stop/pause a pod in kubernetes
- Why is Docker installed but not Docker Compose?
- Docker compose can not start service network not found after restart docker
- Using Docker with nodejs with node-gyp dependencies
- Unable to load dynamic library 'oci8.so' (PHP 7.2)
- How do you connect to postgres running in a Docker container on OSx?
- Interactive shell in Docker image with Amazon ECS with `aws ecs run-task` followed by `aws ecs execute-command`
- My docker container has no internet
- docker:Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
- COPY with docker but with exclusion
- 'name' does not match any of the regexes: '^x-' while trying to set the project name in a docker-compose.yml
- ERROR DockerEnvironmentFactory: Docker container xxxxx logs, when trying to run Apache Beam pipeline written in Go using Spark runner
- Can't push docker image to Gitlab registry from pipeline: "denied: access forbidden"
- Kind kubernetes cluster failed to pull docker images
- How to run a command once in Docker compose
- Docker: adding a file from a parent directory
- Adding files to standard images using docker-compose
- Docker Image > 1GB in size from python:3.8.3-alpine
- Cannot remove Docker container with status "Created"
- docker: executable file not found in $PATH
- Spring Boot application shutting down immediately after start
- Locating data volumes in Docker Desktop (Windows)
- Setup custom cleanup for docker images in nexus repository
- How to assign more memory to docker container
- Sort by memory usage in docker stats