3.4.6 docker image write permission error.

[vietthang207]

Hi all. I'd like to report a bug for docker image tag 3.4.6. I think it was pushed on Friday Nov 9th or Satturday Nov 10th.

This is the system log:

Nov 12 01:02:10 prod-redmine-server redmine7198: `/home/redmine` is not a directory.
Nov 12 01:02:10 prod-redmine-server redmine7198: Bundler will use `/tmp/bundler/home/unknown' as your home directory temporarily.
Nov 12 01:02:10 prod-redmine-server redmine7198: Bundler can't satisfy your Gemfile's dependencies.
Nov 12 01:02:10 prod-redmine-server redmine7198: Install missing gems with `bundle install`.
Nov 12 01:02:10 prod-redmine-server redmine7198: `/home/redmine` is not a directory.
Nov 12 01:02:10 prod-redmine-server redmine7198: Bundler will use `/tmp/bundler/home/unknown' as your home directory temporarily.
Nov 12 01:02:10 prod-redmine-server redmine7198: There was an error while trying to write to `/usr/local/bundle/config`. It is
Nov 12 01:02:10 prod-redmine-server redmine7198: likely that you need to grant write permissions for that path.

I think it is because redmine is trying to edit /usr/local/bundler/config, but the permission is 0644, and the owner is root, group id is staff.

Thanks in advance!

[popovpo]

I have similar problem, but if i load locally saved image from disk (from previous build) - all fine. It seems that last updates raise errors.

[vietthang207]

@popovpo Me too, It only happened on my production server and I can't reproduce on another VM. I tried to dump the database and include all datafile, but this works just fine on a brand new installation.

[ricardoapaes]

Here is also happening, do we have any solution?

[tianon]

The timeline on docker-library/official-images#5054 merge lines up with #136 being "the change" here, but that's almost all making things more permissive (not less), so I can't really see how/where this would've caused this. 😕

[vietthang207]

It probably due to this plugin. https://github.com/scrum2b/scrum2b

[citiscaner]

Same issue i am facing with a fresh rebuild services.

[f466162]

Same problem here with the same error message in the logs. Can I provide any additional information to dig into the problem?

[tianon]

It would be really helpful to have a way to reproduce so we can debug what's going on.

[f466162]

Ok, I will try my best ;-)

The Docker version used is: Docker version 18.06.1-ce, build e68fc7a

I use the Redmine 3.4 image in a Docker Compose setup:

  redmine:
    image: redmine:3.4
    restart: 'no'
    hostname: 'redmine.local'
    environment:
      REDMINE_DB_POSTGRES: xxx
      REDMINE_DB_DATABASE: xxx
      REDMINE_DB_USERNAME: xxx
      REDMINE_DB_PASSWORD: xxx
      REDMINE_PLUGINS_MIGRATE: 1
    links:
      - pgsql:database
    depends_on:
      - pgsql
    volumes:
      - '/xxx/redmine_configuration.yml:/usr/src/redmine/config/configuration.yml'
      - '/xxx/redmine_files:/usr/src/redmine/files'
      - '/xxx/redmine_plugins:/usr/src/redmine/plugins'
      - '/xxx/redmine_home:/home/redmine'
    mem_limit: 512M

As you can see I already added /home/redmine as a volume. I did a chown nobody and one permission error is gone (see log below).

The plugins folder contains three plugins:

• redmine_ldap_sync
• redmine_pretend
• redmine_xlsx_format_issue_exporter

The log shows up the following:

Nov 14 20:46:22 sys redmine:3.4[1093]: Bundler can't satisfy your Gemfile's dependencies.
Nov 14 20:46:22 sys redmine:3.4[1093]: Install missing gems with `bundle install`.
Nov 14 20:46:23 sys redmine:3.4[1093]: There was an error while trying to write to `/usr/local/bundle/config`. It is
Nov 14 20:46:23 sys redmine:3.4[1093]: likely that you need to grant write permissions for that path.

The image is pulled on a daily base from hub.docker.com and unmodified.

If you need any additional information, let me know.

[tianon]

I've got a first pass for at least the home directory related issues at #141 that could definitely use some testing. 👍

[tianon]

#141 fixed the /home/redmine bits of this issue, but I'm reopening to track the weirdness around /usr/local/bundle/config that we haven't been able to reproduce reliably yet to even start to debug what's going on there.

[Silex]

@tianon: it looks like any plugin that has a Gemfile triggers the behavior. Digging a bit further atm.

[Silex]

This looks pretty straightforward: the user redmine cannot write to /usr/local/bundle/config.

philippe@pv-desktop:~/work/stvs/redmine$ docker-compose run --rm web bash
Starting redmine_database_1_91a1fc10efb4 ... done
root@3882a473d0eb:/usr/src/redmine# bash -x /docker-entrypoint.sh passenger start
+ set -Eeo pipefail
+ isLikelyRedmine=
+ case "$1" in
+ isLikelyRedmine=1
+ '[' -n 1 ']'
++ id -u
+ '[' 0 = 0 ']'
+ _fix_permissions
++ id -u
+ '[' 0 = 0 ']'
+ find config files log public/plugin_assets '!' -user redmine -exec chown redmine:redmine '{}' +
+ find config files log public/plugin_assets tmp -type d '!' -perm 755 -exec chmod 755 '{}' +
+ find config files log public/plugin_assets tmp -type f '!' -perm 644 -exec chmod 644 '{}' +
+ exec gosu redmine /docker-entrypoint.sh passenger start
Bundler can't satisfy your Gemfile's dependencies.
Install missing gems with `bundle install`.
There was an error while trying to write to `/usr/local/bundle/config`. It is likely that you need to grant write permissions for that path.

The part executed as user redmine with more debugging information:

root@3882a473d0eb:/usr/src/redmine# gosu redmine bash
redmine@3882a473d0eb:/usr/src/redmine$ bash -x /docker-entrypoint.sh passenger start
+ set -Eeo pipefail
+ isLikelyRedmine=
+ case "$1" in
+ isLikelyRedmine=1
+ '[' -n 1 ']'
++ id -u
+ '[' 999 = 0 ']'
+ '[' -n 1 ']'
+ _fix_permissions
++ id -u
+ '[' 999 = 0 ']'
+ find config files log public/plugin_assets tmp -type d '!' -perm 755 -exec chmod 755 '{}' +
+ find config files log public/plugin_assets tmp -type f '!' -perm 644 -exec chmod 644 '{}' +
+ '[' '!' -f ./config/database.yml ']'
++ ruby -e '
			require '\''yaml'\''
			conf = YAML.load_file('\''./config/database.yml'\'')
			puts conf['\''production'\'']['\''adapter'\'']
		'
+ adapter=mysql2
+ cp Gemfile.lock.mysql2 Gemfile.lock
+ bundle check
Bundler can't satisfy your Gemfile's dependencies.
Install missing gems with `bundle install`.
+ bundle install --without development test
There was an error while trying to write to `/usr/local/bundle/config`. It is likely that you need to grant write permissions for that path.

Basically because of the gosu at https://github.com/docker-library/redmine/blob/master/3.4/docker-entrypoint.sh#L45, the user changes to redmine and this user has no right to do bundle install.

This looks like a basic oversight, but I'm not sure what the right way out of it is.

[Silex]

Found a fix!

unset BUNDLE_APP_CONFIG 
unset BUNDLE_PATH

Not sure if it's the right one, or how to apply it tho. Maybe it should be gem install --user-install bundler in the Dockerfile.

[Silex]

Also I noticed this:

root@92f9cb45f073:/usr/src/redmine# ls -alh /home/redmine/
total 12K
drwxrwxrwt 1 redmine redmine 4.0K Nov 20 10:18 .
drwxr-xr-x 1 root    root    4.0K Nov 20 10:17 ..
drwxr-xr-x 3 root    root    4.0K Nov 20 10:18 .bundle

The directory .bundle being owned by root cannot be a good thing no?

[tianon]

Thanks for the digging! I've finally managed to reproduce with the following simple steps thanks to your additional clues:

$ mkdir oh-no
$ echo "gem 'l'" > oh-no/Gemfile
$ docker run -it --rm -v "$PWD/oh-no":/usr/src/redmine/plugins/oh-no:ro redmine:3.4

(Which fails immediately with the same error so I can help investigate, debug, and come up with a fix.)

[tianon]

Fix up at #142. 👍

[Silex]

@tianon: many thanks 🙏

[f466162]

My instance is back up after pulling the current image - thanks a lot! 👍

[citiscaner]

Many thanks!

[hrmon]

Hi, I am still facing this problem with the exact same message. I don't know if I messed up somewhere.
Here is the docker-compose.yml:

version: "3"

services:
  postgres:
    image: postgres:11.1
    restart: always
    environment:
      - PGDATA=/data/db
      - POSTGRES_PASSWORD=12345678
      - POSTGRES_USER=postgres
      - POSTGRES_DB=redmine
    volumes:
      - /data/db:/data/db

  redmine:
    image: redmine:3.4-passenger
    restart: always
    volumes:
      - /data/files:/usr/src/redmine/files
      - /data/plugins:/usr/src/redmine/plugins
      - /data/themes:/user/src/redmine/public/themes
    environment:
      - REDMINE_DB_POSTGRES=postgres
      - REDMINE_DB_DATABASE=redmine
      - REDMINE_DB_PASSWORD=xxx
    depends_on:
      - postgres

And I have one plugin in /data/plugins with these permissions:

drwxr-xr-x 7 root root 4096 Dec 24 21:33 my_plugin

Can anyone help?

[hrmon]

As a simpler way to produce the error:

$ mkdir oh-no
$ echo "gem 'l'" > oh-no/Gemfile
$ docker run -it --rm -v "$PWD/oh-no":/usr/src/redmine/plugins/oh-no:ro redmine:3.4-passenger

result:

warning: missing REDMINE_DB_MYSQL, REDMINE_DB_POSTGRES, or REDMINE_DB_SQLSERVER environment variables

*** Using sqlite3 as fallback. ***

`/home/redmine` is not a directory.
Bundler will use `/tmp/bundler/home/unknown' as your home directory temporarily.
Bundler can't satisfy your Gemfile's dependencies.
Install missing gems with `bundle install`.
`/home/redmine` is not a directory.
Bundler will use `/tmp/bundler/home/unknown' as your home directory temporarily.
There was an error while trying to write to `/usr/local/bundle/config`. It is likely that you need to grant write permissions for that path.

[tianon]

@hrmon I used your exact commands but added docker pull redmine:3.4-passenger before docker run and it works fine here 😕

[hrmon]

@hrmon I used your exact commands but added docker pull redmine:3.4-passenger before docker run and it works fine here confused

Well I tried it just now and it didn't work. Do you have any idea what can be the problem or how can I investigate it?
(On my system I use docker run with sudo)