chown: changing ownership of '/var/lib/mysql/': Operation not permitted

Asked 17/1, 2018 at 16:57 Answered 9/5 at 10:31

Solved docker openshift mariadb dockerfile openshift-origin

I am trying to deploy a mariadb image on openshift origin. I am using mariadb:10.2.12 in my docker file. It works ok on local but I get following error when I try to deploy on openshift origin.

Initializing database chown: changing ownership of '/var/lib/mysql/': Operation not permitted Cannot change ownership of the database directories to the 'mysql' user. Check that you have the necessary permissions and try again.

The chown command comes from mariadb:10.2.12 Docker file.

Initially I had the issue of root user which is not allowed on openshift origin, so now I am using

USER mysql

in the docker file. Now I don't get warning of running as root but still openshift origin don't like chown. Remember I am not the admin of origin, only a user. My docker file is as follows:

FROM mariadb:10.2.12

ENV MYSQL_DATABASE="db_profile"

COPY ./my.cnf /etc/mysql/my.cnf
COPY ./db_profile.sql /docker-entrypoint-initdb.d/

USER mysql

EXPOSE 3306

and on local I run it as follows:

docker build . -t laeeq/ligandprofiledb:0.0.1

docker run --name test-mysql -e MYSQL_ROOT_PASSWORD=mypassword -d laeeq/ligandprofiledb:0.0.1

Is there a workaround to solve this chown problem?

Acnode answered 17/1, 2018 at 16:57 Comment(0)

The MariaDB images on DockerHub don't follow good practice of not requiring to be run as root user.

You should instead use the MariaDB images provided by OpenShift. Eg:

centos/mariadb-102-centos7

See:

https://github.com/sclorg/mariadb-container

There should be an ability to select MariaDB from the service catalog browser in the OpenShift web console, or use the mariadb template from the command line.

Mistrot answered 18/1, 2018 at 0:16 Comment(5)

I was using mariadb from Dockerhub because I need to copy database at start. Is it possible with centos/mariadb-102-centos7. I do COPY ./my.cnf /etc/mysql/my.cnf COPY ./db_profile.sql /docker-entrypoint-initdb.d/ with the mariadb official image from Dockerhub. – Acnode 18/1, 2018 at 10:7

One way of doing it might be to introduce an alternate startup script into the container using a config map. Then in the deployment set the startup command to run the alternate startup script which does what you need before then executing the original startup script, or have it just start database if you have copied original. – Mistrot 18/1, 2018 at 10:52

Had the same issue while running the container on Azure but this image didn't fixed the issue, tried with hub.docker.com/r/bitnami/mysql and it's working. – Knighthood 10/11, 2022 at 23:9

@FilipeYaBaPolido any progress from then? – Satori 24/8, 2023 at 20:49

@PavelT Haven't tried again, just used bitnami image and was good. – Knighthood 27/8, 2023 at 19:22

$ ls -ld /var/lib
drwxr-xr-x 79 root root 4096 Oct  7 20:58 /var/lib

So, to change anything in that directory, including /var/lib/mysql/, you need to be root.

Irritability answered 17/1, 2018 at 18:7 Comment(2)

openshift origin doesn't allow to run as root. I also added RUN adduser mysql root but still does not work. – Acnode 17/1, 2018 at 18:15

If Openshift is a cloud provider, take the issue up with them. – Irritability 17/1, 2018 at 18:19

You should change ownership before USER mysql in Dockerfile or if you need to run container as a root you should define service account and make it privileged for your deployment. You can follow this https://github.com/openshift/origin/issues/9131#issuecomment-231952259

Clareta answered 18/1, 2018 at 5:59 Comment(0)

If you are using nfs storage for persistent storage.

Add (insecure,no_root_squash) to your /etc/exports file and restart NFS service. That should solve your problem.

/sql/path           *(insecure,no_root_squash)

Foamy answered 9/5 at 10:31 Comment(0)

Recommended topics

Hot tags