#StackBounty: #mongodb #symfony #docker #docker-compose Symfony app in Docker doesn't respond in URL call

Bounty: 50

[SOLVED]

I want to add my code of Symfony application with MongoDB in a Docker image.

After I build the image of application and I recived:

PS E:myapi> docker-compose up
Starting mongo
Starting myapi_web_server_1
Attaching to mongo, myapi_web_server_1
mongo         | 2017-04-21T13:36:23.464+0000 I CONTROL  [initandlisten] MongoDB starting : pid=1 port=27017 dbpath=/data/db 64-bit host=37e6234dbaf5
mongo         | 2017-04-21T13:36:23.464+0000 I CONTROL  [initandlisten] db version v3.0.14
mongo         | 2017-04-21T13:36:23.464+0000 I CONTROL  [initandlisten] git version: 08352afcca24bfc145240a0fac9d28b978ab77f3
mongo         | 2017-04-21T13:36:23.464+0000 I CONTROL  [initandlisten] build info: Linux ip-10-30-223-232 3.2.0-4-amd64 #1 SMP Debian 3.2.46-1 x86_64 BOOST_LIB_VERSION=1_49
mongo         | 2017-04-21T13:36:23.464+0000 I CONTROL  [initandlisten] allocator: tcmalloc
mongo         | 2017-04-21T13:36:23.464+0000 I CONTROL  [initandlisten] options: { storage: { mmapv1: { smallFiles: true } } }
mongo         | 2017-04-21T13:36:23.476+0000 I JOURNAL  [initandlisten] journal dir=/data/db/journal
mongo         | 2017-04-21T13:36:23.476+0000 I JOURNAL  [initandlisten] recover : no journal files present, no recovery needed
mongo         | 2017-04-21T13:36:23.742+0000 I JOURNAL  [durability] Durability thread started
mongo         | 2017-04-21T13:36:23.742+0000 I JOURNAL  [journal writer] Journal writer thread started
mongo         | 2017-04-21T13:36:23.871+0000 I NETWORK  [initandlisten] waiting for connections on port 27017
web_server_1  | 9-1ubuntu4.21 Development Server started at Fri Apr 21 13:36:24 2017
web_server_1  | Listening on http://0.0.0.0:8000
web_server_1  | Document root is /var/www
web_server_1  | Press Ctrl-C to quit.

But when I want to access http://172.17.0.3:8000/my_api/, where 172.17.0.3 is container’s IP, I recive the message in Postman:

enter image description here

docker-compose.yml file

web_server:
    build: web_server/
    ports:
        - "8000:8000"
    links:
        - mongo
    tty: true
    environment:
        SYMFONY__MONGO_ADDRESS: mongo
        SYMFONY__MONGO_PORT: 27017

mongo:
    image: mongo:3.0
    container_name: mongo
    command: mongod --smallfiles
    expose:
        - 27017

Result for command docker-compose ps

PS E:myapi> docker-compose ps
              Name                            Command               State           Ports
--------------------------------------------------------------------------------------------------
myapi_web_server_1   /bin/bash /entrypoint.sh         Up      0.0.0.0:8000->8000/tcp
mongo                docker-entrypoint.sh mongo ...   Up      27017/tcp

And result for command docker inspect myapi_web_server_1

"NetworkSettings": {
    "Bridge": "",
    "SandboxID": "774a7dcbdbfbf7e437ddff340aedd4ce951dffa7a80deab9afb6e6a8abc70bde",
    "HairpinMode": false,
    "LinkLocalIPv6Address": "",
    "LinkLocalIPv6PrefixLen": 0,
    "Ports": {
        "8000/tcp": [
            {
                "HostIp": "0.0.0.0",
                "HostPort": "8000"
            }
        ]
    },
    "SandboxKey": "/var/run/docker/netns/774a7dcbdbfb",
    "SecondaryIPAddresses": null,
    "SecondaryIPv6Addresses": null,
    "EndpointID": "4c96f6e6f8a2c80dd7ea7469dd9d74760be1af81a8039a4f835145b8f1ef5fb5",
    "Gateway": "172.17.0.1",
    "GlobalIPv6Address": "",
    "GlobalIPv6PrefixLen": 0,
    "IPAddress": "172.17.0.3",
    "IPPrefixLen": 16,
    "IPv6Gateway": "",
    "MacAddress": "02:42:ac:11:00:03",
    "Networks": {
        "bridge": {
            "IPAMConfig": null,
            "Links": null,
            "Aliases": null,
            "NetworkID": "e174576418903bf0809edd47b77d52e2fc7644d5aacafa15ec6a8f2d15458b8a",
            "EndpointID": "4c96f6e6f8a2c80dd7ea7469dd9d74760be1af81a8039a4f835145b8f1ef5fb5",
            "Gateway": "172.17.0.1",
            "IPAddress": "172.17.0.3",
            "IPPrefixLen": 16,
            "IPv6Gateway": "",
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "MacAddress": "02:42:ac:11:00:03"
        }
    }
}

When I try to call from http://127.0.0.1:8000/my_api I recive in Postman

enter image description here

And in console:

web_server_1  | [Fri Apr 21 13:51:08 2017] 172.17.0.1:33382 [404]: /my_api - No such file or directory

Dockerfile content is

FROM ubuntu:14.04

ENV DEBIAN_FRONTEND noninteractive

RUN apt-get update && apt-get install -y 
    git 
    curl 
    php5-cli 
    php5-json 
    php5-intl

RUN curl -sS https://getcomposer.org/installer | php
RUN mv composer.phar /usr/local/bin/composer

ADD entrypoint.sh /entrypoint.sh
ADD ./code /var/www

WORKDIR /var/www

#RUN chmod +x /entrypoint.sh
ENTRYPOINT [ "/bin/bash", "/entrypoint.sh" ]

List routes

PS E:myapiweb_servercode>  php bin/console debug:router
 ----------------------------------- -------- -------- ------ -----------------------------------
  Name                                Method   Scheme   Host   Path
 ----------------------------------- -------- -------- ------ -----------------------------------
  _wdt                                ANY      ANY      ANY    /_wdt/{token}
  _profiler_home                      ANY      ANY      ANY    /_profiler/
  _profiler_search                    ANY      ANY      ANY    /_profiler/search
  _profiler_search_bar                ANY      ANY      ANY    /_profiler/search_bar
  _profiler_info                      ANY      ANY      ANY    /_profiler/info/{about}
  _profiler_phpinfo                   ANY      ANY      ANY    /_profiler/phpinfo
  _profiler_search_results            ANY      ANY      ANY    /_profiler/{token}/search/results
  _profiler_open_file                 ANY      ANY      ANY    /_profiler/open
  _profiler                           ANY      ANY      ANY    /_profiler/{token}
  _profiler_router                    ANY      ANY      ANY    /_profiler/{token}/router
  _profiler_exception                 ANY      ANY      ANY    /_profiler/{token}/exception
  _profiler_exception_css             ANY      ANY      ANY    /_profiler/{token}/exception.css
  _twig_error_test                    ANY      ANY      ANY    /_error/{code}.{_format}
  db_transaction_postaddtransaction   POST     ANY      ANY    /my_api
  db_transaction_gettransactions      GET      ANY      ANY    /my_api/
  db_transaction_getbalance           GET      ANY      ANY    /balance/
  homepage                            ANY      ANY      ANY    /
 ----------------------------------- -------- -------- ------ -----------------------------------

Result using: list routes

{  
   "web_profiler.controller.profiler":[  
      "_wdt",
      "_profiler_home",
      "_profiler_search",
      "_profiler_search_bar",
      "_profiler_info",
      "_profiler_phpinfo",
      "_profiler_search_results",
      "_profiler_open_file",
      "_profiler"
   ],
   "web_profiler.controller.router":[  
      "_profiler_router"
   ],
   "web_profiler.controller.exception":[  
      "_profiler_exception",
      "_profiler_exception_css"
   ],
   "twig.controller.preview_error":[  
      "_twig_error_test"
   ],
   "DBBundle\Controller\TransactionController":[  
      "db_transaction_postaddtransaction",
      "db_transaction_gettransactions",
      "db_transaction_getbalance"
   ],
   "AppBundle\Controller\DefaultController":[  
      "homepage",
      "route"
   ]
}

When I start server with command php binconsole server:run all routes works.

What is wrong and how I can access the API methods?


Get this bounty!!!

#StackBounty: #lxc #docker #lxd What is the workaround for LXD-nested pivileged docker (/dev/.lxc/proc/ error)?

Bounty: 150

Launching a privileged docker container in an LXD fails with this:

docker: Error response from daemon: linux runtime spec devices: lstat /dev/.lxc/proc/1482/fdinfo/12: no such file or directory.

Steps to reproduce:

lxc launch ubuntu-daily:16.04 docker -p default -p docker
lxc exec docker -- apt install docker.io -y
lxc exec docker bash
sudo curl -L git.io/scope -o /usr/local/bin/scope
sudo chmod a+x /usr/local/bin/scope
scope launch

Original guide: https://stgraber.org/2016/04/13/lxd-2-0-docker-in-lxd-712/

Bug report: https://github.com/lxc/lxd/issues/2825

How to make it work?


Get this bounty!!!

#StackBounty: #docker #docker-compose #couchbase Couchbase and sync_gateway on docker

Bounty: 50

I’m trying to set Couchbase and sync_gateway in docker containers, but I get some weird auth errors when sync_gateway tries to connect the database.

This is my Dockerfile:

FROM couchbase/server
ENTRYPOINT ["/code/scripts/entrypoint.sh", "couchbase-server"]

The entrypoint simply configures the admin user and creates the bucket on couchbase. This part works fine.

Here’s my docker-compose:

version: '3'
services:
  couchbase_server:
    build: .
    ports:
      - "8091-8094:8091-8094"
      - "11210:11210"
    volumes:
      - .:/code
    environment:
      - CREDENTIALS=-u admin -p admin123 -c localhost:8091
      - BUCKET_NAME=sync_gateway


  sync_gateway:
    image: couchbase/sync-gateway
    links:
      - "couchbase_server:db"

    depends_on:
      - couchbase_server

    volumes:
      - ./sync_gateway_config.json:/code

    command: /code

    ports:
      - 4984:4984
      - 4985:4985

This is the sync_gateway config file:

{
    "log": ["REST"],
    "interface": ":4984",
    "databases": {
        "sync_gateway": {
            "server": "http://db:8091",
            "username": "admin",
            "password": "admin123"

        }
    }
}

And finally, this is the error I get when I run docker-compose up:

couchbase_server_1  | Setting up couchbase server...
couchbase_server_1  | SUCCESS: init/edit localhost
couchbase_server_1  | SUCCESS: bucket-create
couchbase_server_1  | Setup complete
couchbase_server_1  | Starting Couchbase Server -- Web UI available at http://localhost:8091 and logs available in /opt/couchbase/var/lib/couchbase/logs
sync_gateway_1      | 2017-03-28T11:29:51.240Z Opening Couchbase database sync_gateway on <http://db:8091> as user "admin"
sync_gateway_1      | _time=2017-03-28T11:29:51.262+00:00 _level=INFO _msg=Non-healthy node; node details:
sync_gateway_1      | _time=2017-03-28T11:29:51.262+00:00 _level=INFO _msg=Hostname=172.20.0.2:8091, Status=warmup, CouchAPIBase=http://172.20.0.2:8092/sync_gateway%2B87e2e410d0e9da0295091c6de9ae5ae7, ThisNode=true
sync_gateway_1      | 2017-03-28T11:29:51.262Z WARNING: Error installing Couchbase design doc: no available couch rest URLs -- db.installViews.func1() at database.go:577
sync_gateway_1      | _time=2017-03-28T11:29:51.263+00:00 _level=INFO _msg= Trying with http://172.20.0.2:8091/pools/default/bucketsStreaming/sync_gateway
sync_gateway_1      | _time=2017-03-28T11:29:51.268+00:00 _level=INFO _msg=Non-healthy node; node details:
sync_gateway_1      | _time=2017-03-28T11:29:51.268+00:00 _level=INFO _msg=Hostname=172.20.0.2:8091, Status=warmup, CouchAPIBase=http://172.20.0.2:8092/sync_gateway%2B87e2e410d0e9da0295091c6de9ae5ae7, ThisNode=true
sync_gateway_1      | 2017-03-28T11:29:51.268Z WARNING: Error installing Couchbase design doc: no available couch rest URLs -- db.installViews.func1() at database.go:577
sync_gateway_1      | _time=2017-03-28T11:29:51.272+00:00 _level=INFO _msg=Got new configuration for bucket sync_gateway
sync_gateway_1      | _time=2017-03-28T11:29:51.279+00:00 _level=INFO _msg=Non-healthy node; node details:
sync_gateway_1      | _time=2017-03-28T11:29:51.280+00:00 _level=INFO _msg=Hostname=172.20.0.2:8091, Status=warmup, CouchAPIBase=http://172.20.0.2:8092/sync_gateway%2B87e2e410d0e9da0295091c6de9ae5ae7, ThisNode=true
sync_gateway_1      | 2017-03-28T11:29:51.280Z WARNING: Error installing Couchbase design doc: no available couch rest URLs -- db.installViews.func1() at database.go:577
sync_gateway_1      | _time=2017-03-28T11:29:51.301+00:00 _level=INFO _msg=Non-healthy node; node details:
sync_gateway_1      | _time=2017-03-28T11:29:51.301+00:00 _level=INFO _msg=Hostname=172.20.0.2:8091, Status=warmup, CouchAPIBase=http://172.20.0.2:8092/sync_gateway%2B87e2e410d0e9da0295091c6de9ae5ae7, ThisNode=true
sync_gateway_1      | 2017-03-28T11:29:51.301Z WARNING: Error installing Couchbase design doc: no available couch rest URLs -- db.installViews.func1() at database.go:577
sync_gateway_1      | _time=2017-03-28T11:29:51.330+00:00 _level=INFO _msg=Got new configuration for bucket sync_gateway
sync_gateway_1      | _time=2017-03-28T11:29:51.342+00:00 _level=INFO _msg= Trying with selected node 0
sync_gateway_1      | _time=2017-03-28T11:29:51.399+00:00 _level=INFO _msg= Trying with selected node 0
sync_gateway_1      | 2017-03-28T11:29:51.576Z WARNING: Error from Incr in sequence allocator (0) - attempt (1/3): MCResponse status=AUTH_ERROR, opcode=SASL_AUTH, opaque=0, msg: Auth failure -- db.(*sequenceAllocator).incrWithRetry() at sequence_allocator.go:88
sync_gateway_1      | 2017-03-28T11:29:51.589Z WARNING: Error from Incr in sequence allocator (0) - attempt (2/3): MCResponse status=AUTH_ERROR, opcode=SASL_AUTH, opaque=0, msg: Auth failure -- db.(*sequenceAllocator).incrWithRetry() at sequence_allocator.go:88
sync_gateway_1      | 2017-03-28T11:29:51.602Z WARNING: Error from Incr in sequence allocator (0) - attempt (3/3): MCResponse status=AUTH_ERROR, opcode=SASL_AUTH, opaque=0, msg: Auth failure -- db.(*sequenceAllocator).incrWithRetry() at sequence_allocator.go:88
sync_gateway_1      | 2017-03-28T11:29:51.613Z WARNING: Too many unsuccessful Incr attempts in sequence allocator - giving up (0): MCResponse status=AUTH_ERROR, opcode=SASL_AUTH, opaque=0, msg: Auth failure -- db.(*sequenceAllocator).incrWithRetry() at sequence_allocator.go:94
sync_gateway_1      | 2017-03-28T11:29:51.613Z WARNING: Error from Incr in _reserveSequences(0): Unable to increment sequence: MCResponse status=AUTH_ERROR, opcode=SASL_AUTH, opaque=0, msg: Auth failure -- db.(*sequenceAllocator)._reserveSequences() at sequence_allocator.go:65
sync_gateway_1      | 2017-03-28T11:29:51.613Z FATAL: Error opening database: Unable to increment sequence: MCResponse status=AUTH_ERROR, opcode=SASL_AUTH, opaque=0, msg: Auth failure -- rest.RunServer() at config.go:677

What am I missing here?


Get this bounty!!!

#StackBounty: #windows #docker How can I run a script as administrator inside a Windows container

Bounty: 50

I am trying to install the Windows Enterprise WDK on a Docker image based on windowsservercore. The application installs by unziping and I have already done that and committed that image to Docker. Now I need to run a script that sets environment variables. According to the Enterprise WDK install instructions I must run this script as administrator. I’ve done this directly on my desktop machine and it works file. Within the Docker Container, the default login user is

PS C:> whoami
user managercontaineradministrator

I’ve tried enabling the admin account.

PS C:> net user administrator /active:yes
The command completed successfully.
PS C:> net user administrator Pa$$w0rd
The command completed successfully.

I try to start a shell as administrator, but the user does not change.

PS C:> runas /user:administrator powershell
Enter the password for administrator:
Attempting to start powershell as user "C597C386289Aadministrator" ...
PS C:> whoami
user managercontaineradministrator

And if I run my script it fails to have set any of the environment values specified in the script.

Suggestions?


Get this bounty!!!

#StackBounty: #php #cron #docker #alpine crond: can't set groups: Operation not permitted

Bounty: 50

This morning I upgraded my PHP version to 7.1 and am seeing an issue when cron tries to run php /var/www/html/artisan schedule:run (a simple PHP command) I see the output:

3/3/2017 10:39:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:39:00 AMcrond: USER www-data pid 1562 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:40:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:40:00 AMcrond: USER www-data pid 1563 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:41:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:41:00 AMcrond: USER www-data pid 1564 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:42:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:42:00 AMcrond: USER www-data pid 1565 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:43:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:43:00 AMcrond: USER www-data pid 1566 cmd php /var/www/html/artisan schedule:run

The command being run is a Laravel artisan command. It’s run every minute allowing other scheduled work to be completed within the application itself. There’s nothing in this command that writes to any files or anything like that. The scheduled work talks to a database and sends some email. Application logs are sent to stdout since it’s a Docker container.

cron is run in a container with the command crond -f -d 8. Here’s the Dockerfile:

# This container should be used for any/all CLI processes
# including cron, queues, etc.
FROM php:7.1-alpine

# Copy the application files to the container
ADD . /var/www/html

WORKDIR /var/www/html

# fix permissions in CI
RUN sed -ri 's/^www-data:x:82:82:/www-data:x:1000:1000:/' /etc/passwd 
    && sed -ri 's/^www-data:x:82:/www-data:x:1000:/' /etc/group

# Install Composer dependencies
RUN apk add --update --no-cache git zip unzip 

        # needed for spatie/laravel-backup
        mysql-client 

        # needed for gd
        libpng-dev libjpeg-turbo-dev 

    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

RUN docker-php-ext-install pdo_mysql gd 

        # needed for forking processes in laravel queues as of Laravel 5.3
        pcntl

# Ownership of the app dir for www-data
RUN chown -R www-data:www-data /var/www/html /home/www-data/

# Put php artisan schedule:run in a crontab
RUN echo "*       *       *       *       *       php /var/www/html/artisan schedule:run" > /etc/crontabs/www-data

# Make sure when users get into the container they aren't root
USER www-data

I’ve ruled out that php artisan schedule:run is the cause since I can run it manually and everything’s fine. This means it’s something within cron.

What is cron doing under the covers that could cause this error?


Get this bounty!!!

#StackBounty: #php #cron #docker #alpine crond: can't set groups: Operation not permitted

Bounty: 50

This morning I upgraded my PHP version to 7.1 and am seeing an issue when cron tries to run php /var/www/html/artisan schedule:run (a simple PHP command) I see the output:

3/3/2017 10:39:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:39:00 AMcrond: USER www-data pid 1562 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:40:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:40:00 AMcrond: USER www-data pid 1563 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:41:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:41:00 AMcrond: USER www-data pid 1564 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:42:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:42:00 AMcrond: USER www-data pid 1565 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:43:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:43:00 AMcrond: USER www-data pid 1566 cmd php /var/www/html/artisan schedule:run

The command being run is a Laravel artisan command. It’s run every minute allowing other scheduled work to be completed within the application itself. There’s nothing in this command that writes to any files or anything like that. The scheduled work talks to a database and sends some email. Application logs are sent to stdout since it’s a Docker container.

cron is run in a container with the command crond -f -d 8. Here’s the Dockerfile:

# This container should be used for any/all CLI processes
# including cron, queues, etc.
FROM php:7.1-alpine

# Copy the application files to the container
ADD . /var/www/html

WORKDIR /var/www/html

# fix permissions in CI
RUN sed -ri 's/^www-data:x:82:82:/www-data:x:1000:1000:/' /etc/passwd 
    && sed -ri 's/^www-data:x:82:/www-data:x:1000:/' /etc/group

# Install Composer dependencies
RUN apk add --update --no-cache git zip unzip 

        # needed for spatie/laravel-backup
        mysql-client 

        # needed for gd
        libpng-dev libjpeg-turbo-dev 

    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

RUN docker-php-ext-install pdo_mysql gd 

        # needed for forking processes in laravel queues as of Laravel 5.3
        pcntl

# Ownership of the app dir for www-data
RUN chown -R www-data:www-data /var/www/html /home/www-data/

# Put php artisan schedule:run in a crontab
RUN echo "*       *       *       *       *       php /var/www/html/artisan schedule:run" > /etc/crontabs/www-data

# Make sure when users get into the container they aren't root
USER www-data

I’ve ruled out that php artisan schedule:run is the cause since I can run it manually and everything’s fine. This means it’s something within cron.

What is cron doing under the covers that could cause this error?


Get this bounty!!!

#StackBounty: #php #cron #docker #alpine crond: can't set groups: Operation not permitted

Bounty: 50

This morning I upgraded my PHP version to 7.1 and am seeing an issue when cron tries to run php /var/www/html/artisan schedule:run (a simple PHP command) I see the output:

3/3/2017 10:39:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:39:00 AMcrond: USER www-data pid 1562 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:40:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:40:00 AMcrond: USER www-data pid 1563 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:41:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:41:00 AMcrond: USER www-data pid 1564 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:42:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:42:00 AMcrond: USER www-data pid 1565 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:43:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:43:00 AMcrond: USER www-data pid 1566 cmd php /var/www/html/artisan schedule:run

The command being run is a Laravel artisan command. It’s run every minute allowing other scheduled work to be completed within the application itself. There’s nothing in this command that writes to any files or anything like that. The scheduled work talks to a database and sends some email. Application logs are sent to stdout since it’s a Docker container.

cron is run in a container with the command crond -f -d 8. Here’s the Dockerfile:

# This container should be used for any/all CLI processes
# including cron, queues, etc.
FROM php:7.1-alpine

# Copy the application files to the container
ADD . /var/www/html

WORKDIR /var/www/html

# fix permissions in CI
RUN sed -ri 's/^www-data:x:82:82:/www-data:x:1000:1000:/' /etc/passwd 
    && sed -ri 's/^www-data:x:82:/www-data:x:1000:/' /etc/group

# Install Composer dependencies
RUN apk add --update --no-cache git zip unzip 

        # needed for spatie/laravel-backup
        mysql-client 

        # needed for gd
        libpng-dev libjpeg-turbo-dev 

    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

RUN docker-php-ext-install pdo_mysql gd 

        # needed for forking processes in laravel queues as of Laravel 5.3
        pcntl

# Ownership of the app dir for www-data
RUN chown -R www-data:www-data /var/www/html /home/www-data/

# Put php artisan schedule:run in a crontab
RUN echo "*       *       *       *       *       php /var/www/html/artisan schedule:run" > /etc/crontabs/www-data

# Make sure when users get into the container they aren't root
USER www-data

I’ve ruled out that php artisan schedule:run is the cause since I can run it manually and everything’s fine. This means it’s something within cron.

What is cron doing under the covers that could cause this error?


Get this bounty!!!

#StackBounty: #php #cron #docker #alpine crond: can't set groups: Operation not permitted

Bounty: 50

This morning I upgraded my PHP version to 7.1 and am seeing an issue when cron tries to run php /var/www/html/artisan schedule:run (a simple PHP command) I see the output:

3/3/2017 10:39:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:39:00 AMcrond: USER www-data pid 1562 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:40:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:40:00 AMcrond: USER www-data pid 1563 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:41:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:41:00 AMcrond: USER www-data pid 1564 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:42:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:42:00 AMcrond: USER www-data pid 1565 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:43:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:43:00 AMcrond: USER www-data pid 1566 cmd php /var/www/html/artisan schedule:run

The command being run is a Laravel artisan command. It’s run every minute allowing other scheduled work to be completed within the application itself. There’s nothing in this command that writes to any files or anything like that. The scheduled work talks to a database and sends some email. Application logs are sent to stdout since it’s a Docker container.

cron is run in a container with the command crond -f -d 8. Here’s the Dockerfile:

# This container should be used for any/all CLI processes
# including cron, queues, etc.
FROM php:7.1-alpine

# Copy the application files to the container
ADD . /var/www/html

WORKDIR /var/www/html

# fix permissions in CI
RUN sed -ri 's/^www-data:x:82:82:/www-data:x:1000:1000:/' /etc/passwd 
    && sed -ri 's/^www-data:x:82:/www-data:x:1000:/' /etc/group

# Install Composer dependencies
RUN apk add --update --no-cache git zip unzip 

        # needed for spatie/laravel-backup
        mysql-client 

        # needed for gd
        libpng-dev libjpeg-turbo-dev 

    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

RUN docker-php-ext-install pdo_mysql gd 

        # needed for forking processes in laravel queues as of Laravel 5.3
        pcntl

# Ownership of the app dir for www-data
RUN chown -R www-data:www-data /var/www/html /home/www-data/

# Put php artisan schedule:run in a crontab
RUN echo "*       *       *       *       *       php /var/www/html/artisan schedule:run" > /etc/crontabs/www-data

# Make sure when users get into the container they aren't root
USER www-data

I’ve ruled out that php artisan schedule:run is the cause since I can run it manually and everything’s fine. This means it’s something within cron.

What is cron doing under the covers that could cause this error?


Get this bounty!!!

#StackBounty: #php #cron #docker #alpine crond: can't set groups: Operation not permitted

Bounty: 50

This morning I upgraded my PHP version to 7.1 and am seeing an issue when cron tries to run php /var/www/html/artisan schedule:run (a simple PHP command) I see the output:

3/3/2017 10:39:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:39:00 AMcrond: USER www-data pid 1562 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:40:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:40:00 AMcrond: USER www-data pid 1563 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:41:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:41:00 AMcrond: USER www-data pid 1564 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:42:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:42:00 AMcrond: USER www-data pid 1565 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:43:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:43:00 AMcrond: USER www-data pid 1566 cmd php /var/www/html/artisan schedule:run

The command being run is a Laravel artisan command. It’s run every minute allowing other scheduled work to be completed within the application itself. There’s nothing in this command that writes to any files or anything like that. The scheduled work talks to a database and sends some email. Application logs are sent to stdout since it’s a Docker container.

cron is run in a container with the command crond -f -d 8. Here’s the Dockerfile:

# This container should be used for any/all CLI processes
# including cron, queues, etc.
FROM php:7.1-alpine

# Copy the application files to the container
ADD . /var/www/html

WORKDIR /var/www/html

# fix permissions in CI
RUN sed -ri 's/^www-data:x:82:82:/www-data:x:1000:1000:/' /etc/passwd 
    && sed -ri 's/^www-data:x:82:/www-data:x:1000:/' /etc/group

# Install Composer dependencies
RUN apk add --update --no-cache git zip unzip 

        # needed for spatie/laravel-backup
        mysql-client 

        # needed for gd
        libpng-dev libjpeg-turbo-dev 

    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

RUN docker-php-ext-install pdo_mysql gd 

        # needed for forking processes in laravel queues as of Laravel 5.3
        pcntl

# Ownership of the app dir for www-data
RUN chown -R www-data:www-data /var/www/html /home/www-data/

# Put php artisan schedule:run in a crontab
RUN echo "*       *       *       *       *       php /var/www/html/artisan schedule:run" > /etc/crontabs/www-data

# Make sure when users get into the container they aren't root
USER www-data

I’ve ruled out that php artisan schedule:run is the cause since I can run it manually and everything’s fine. This means it’s something within cron.

What is cron doing under the covers that could cause this error?


Get this bounty!!!

#StackBounty: #php #cron #docker #alpine crond: can't set groups: Operation not permitted

Bounty: 50

This morning I upgraded my PHP version to 7.1 and am seeing an issue when cron tries to run php /var/www/html/artisan schedule:run (a simple PHP command) I see the output:

3/3/2017 10:39:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:39:00 AMcrond: USER www-data pid 1562 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:40:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:40:00 AMcrond: USER www-data pid 1563 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:41:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:41:00 AMcrond: USER www-data pid 1564 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:42:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:42:00 AMcrond: USER www-data pid 1565 cmd php /var/www/html/artisan schedule:run
3/3/2017 10:43:00 AMcrond: can't set groups: Operation not permitted
3/3/2017 10:43:00 AMcrond: USER www-data pid 1566 cmd php /var/www/html/artisan schedule:run

The command being run is a Laravel artisan command. It’s run every minute allowing other scheduled work to be completed within the application itself. There’s nothing in this command that writes to any files or anything like that. The scheduled work talks to a database and sends some email. Application logs are sent to stdout since it’s a Docker container.

cron is run in a container with the command crond -f -d 8. Here’s the Dockerfile:

# This container should be used for any/all CLI processes
# including cron, queues, etc.
FROM php:7.1-alpine

# Copy the application files to the container
ADD . /var/www/html

WORKDIR /var/www/html

# fix permissions in CI
RUN sed -ri 's/^www-data:x:82:82:/www-data:x:1000:1000:/' /etc/passwd 
    && sed -ri 's/^www-data:x:82:/www-data:x:1000:/' /etc/group

# Install Composer dependencies
RUN apk add --update --no-cache git zip unzip 

        # needed for spatie/laravel-backup
        mysql-client 

        # needed for gd
        libpng-dev libjpeg-turbo-dev 

    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

RUN docker-php-ext-install pdo_mysql gd 

        # needed for forking processes in laravel queues as of Laravel 5.3
        pcntl

# Ownership of the app dir for www-data
RUN chown -R www-data:www-data /var/www/html /home/www-data/

# Put php artisan schedule:run in a crontab
RUN echo "*       *       *       *       *       php /var/www/html/artisan schedule:run" > /etc/crontabs/www-data

# Make sure when users get into the container they aren't root
USER www-data

I’ve ruled out that php artisan schedule:run is the cause since I can run it manually and everything’s fine. This means it’s something within cron.

What is cron doing under the covers that could cause this error?


Get this bounty!!!