GitHub Actions + Docker Build: ERROR: Could not install packages due to an OSError: [Errno 13] Permission denied: '/nonexistent'

huangapple
go评论53阅读模式
英文:

GitHub Actions + Docker Build: ERROR: Could not install packages due to an OSError: [Errno 13] Permission denied: '/nonexistent'

问题

在我的GitHub Actions工作流程中,我的构建失败了,因为Docker无法安装我的requirements.txt文件中的所有库。

COPY ./requirements.txt .步骤之后,包下载完成后,安装阶段停止,并显示错误:ERROR: Could not install packages due to an OSError: [Errno 13] Permission denied: '/nonexistent'

当我查看日志时,我注意到:

#7 [2/7] RUN adduser --system nonroot
#0 0.105 添加系统用户`nonroot' (UID 100) ...
#0 0.105 添加新用户`nonroot' (UID 100),并使用`nogroup'组...
#7 0.117 未创建`/nonexistent'。 <---???
#7 DONE 0.7s

这是昨天成功的CI工作流的片段:

#7 [2/7] RUN adduser --system nonroot
#0 0.099 添加系统用户`nonroot' (UID 101) ...
#0 0.099 添加新用户`nonroot' (UID 101),并使用`nogroup'组...
#7 0.120 创建主目录`/home/nonroot' ...
#7 DONE 0.5s

我不明白是什么原因导致了这个问题。我的Dockerfile几个月来都没有更改:

FROM python:3.10-slim

RUN adduser --system nonroot
USER nonroot

WORKDIR /home/nonroot
RUN mkdir /home/nonroot/app

COPY ./requirements.txt .
RUN pip3 install --no-cache-dir -r requirements.txt

COPY . .

CMD ["python3", "standings.py"]
英文:

I have a GitHub Actions workflow where my build is failing because Docker can't install all of libraries from my requirements.txt file.

During the COPY ./requirements.txt . step and after the packages are finished downloading, the install phase stops with the error: ERROR: Could not install packages due to an OSError: [Errno 13] Permission denied: '/nonexistent'

As I was looking through the logs, I noticed:

#7 [2/7] RUN adduser --system nonroot
#0 0.105 Adding system user `nonroot' (UID 100) ...
#0 0.105 Adding new user `nonroot' (UID 100) with group `nogroup' ...
#7 0.117 Not creating `/nonexistent'. <---???
#7 DONE 0.7s

This is a snippet from a CI workflow that succeeded yesterday:

#7 [2/7] RUN adduser --system nonroot
#0 0.099 Adding system user `nonroot' (UID 101) ...
#0 0.099 Adding new user `nonroot' (UID 101) with group `nogroup' ...
#7 0.120 Creating home directory `/home/nonroot' ...
#7 DONE 0.5s

I don't understand what is causing this. My Dockerfile has not changed in months.

FROM python:3.10-slim

RUN adduser --system nonroot
USER nonroot

WORKDIR /home/nonroot
RUN mkdir /home/nonroot/app

COPY ./requirements.txt .
RUN pip3 install --no-cache-dir -r requirements.txt

COPY . .

CMD ["python3", "standings.py"]

答案1

得分: 4

关于adduser的行为发生了变化,涉及系统用户。

TLDR;

系统用户现在不再默认创建主目录(实际上,它们会得到/nonexistent,这应该永远不存在 :D)。如果您仍然需要为该系统用户创建主目录,则必须设置--home DIR参数。

详细说明

adduser的行为变化发生在:https://salsa.debian.org/debian/adduser/-/merge_requests/20,并且也可以在Debian两个版本的man页面中找到:

在这个特定情况下,Python项目已经将默认的python:3.10 OCI镜像从Debian bullseye更改为bookworm,链接在此:https://github.com/docker-library/python/pull/822,它现在使用具有先前链接更改的新版本的adduser

英文:

There has been a change in the behaviour of adduser in relation to system users.

TLDR;

System users now do not get a home directory by default (actually, they get /nonexistent, which should never exist :D). If you still require a home directory for this system user, the --home DIR argument must be set.

Full explanation

The behavioural change in adduser change happened at: https://salsa.debian.org/debian/adduser/-/merge_requests/20, and can also be seen in the manpages of both Debian versions:

In this specific case, the Python project has replaced the default python:3.10 OCI image, from Debian bullseye to bookwork, at https://github.com/docker-library/python/pull/822, which now uses the new version of adduser with the previously linked change.

答案2

得分: 0

我仍然不知道发生了什么变化,但我已经更新了我的Dockerfile如下:

FROM python:3.10-slim

ARG USERNAME=nonroot-user
ARG USER_UID=1000
ARG USER_GID=$USER_UID

RUN groupadd --gid $USER_GID $USERNAME \
    && useradd --uid $USER_UID --gid $USER_GID -m $USERNAME

USER $USERNAME

WORKDIR /home/nonroot
RUN mkdir /home/nonroot/app

COPY ./requirements.txt .
RUN pip3 install --no-cache-dir -r requirements.txt

COPY . .

CMD ["python3", "stadiums.py"]

然后一切都正常。 smh。

英文:

I still don't know what changed but I updated my Dockerfile to:

FROM python:3.10-slim

ARG USERNAME=nonroot-user
ARG USER_UID=1000
ARG USER_GID=$USER_UID

RUN groupadd --gid $USER_GID $USERNAME \
    && useradd --uid $USER_UID --gid $USER_GID -m $USERNAME

USER $USERNAME

WORKDIR /home/nonroot
RUN mkdir /home/nonroot/app


COPY ./requirements.txt .
RUN pip3 install --no-cache-dir -r requirements.txt

COPY . .

CMD ["python3", "stadiums.py"]

then all is good. smh.

huangapple
  • 本文由 发表于 2023年6月16日 04:01:03
  • 转载请务必保留本文链接:https://go.coder-hub.com/76485156.html
  • docker
  • github-actions
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定