Calvin Hu Calvin Hu - 1 year ago 569
Bash Question

docker entrypoint running bash script gets "permission denied"

I'm trying to dockerize my node.js app. When the container is built I want it to run a

git clone
and then start the node server. Therefore I put these operations in a .sh script. And run the script as a single command in the ENTRYPOINT:

FROM ubuntu:14.04

RUN apt-get update && apt-get install -y build-essential libssl-dev gcc curl npm git

#install gcc 4.9
RUN apt-get install -y software-properties-common python-software-properties
RUN add-apt-repository -y ppa:ubuntu-toolchain-r/test
RUN apt-get update
RUN apt-get install -y libstdc++-4.9-dev

#install newst nodejs
RUN curl -sL | sudo -E bash -
RUN apt-get install -y nodejs

RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app

ADD package.json /usr/src/app/
RUN npm install

ADD /usr/src/app/


ENTRYPOINT ["/usr/src/app/"]

My looks like this:

git clone git@<repo>.git
git add remote upstream git@<upstream_repo>.git

/usr/bin/node server.js

After building this image and run:

docker run --env NODE_ENV=development -p 8080:8080 -t -i <image>

I'm getting:

docker: Error response from daemon: oci runtime error: exec: "/usr/src/app/": permission denied.

I shell into the container and the permission of is:

-rw-r--r-- 1 root root 292 Aug 10 18:41

three questions:

  1. Does my bash script have wrong syntax?

  2. How do I change the permission of a bash file before adding it into an image?

  3. What's the best way to run multiple git commands in entrypoint without using a bash script?


Answer Source
  1. "Permission denied" prevents your script from being invoked at all. Thus, the only syntax that could be possibly pertinent is that of the first line (the "shebang"), which should look like #!/usr/bin/env bash, or #!/bin/bash, or similar depending on your target's filesystem layout.

  2. Most likely the filesystem permissions not being set to allow execute. It's also possible that the shebang references something that isn't executable, but this is far less likely.

  3. Mooted by the ease of repairing the prior issues.

The simple reading of

docker: Error response from daemon: oci runtime error: exec: "/usr/src/app/": permission denied. that the script isn't marked executable.

RUN ["chmod", "+x", "/usr/src/app/"]

will address this within the container. Alternately, you can ensure that the local copy referenced by the Dockerfile is executable, and then use COPY (which is explicitly documented to retain metadata).