/etc/resolv.conf has wrong permissions on install in standalone docker

(Stewart Robinson) #1

We just had a strange event where inside the standalone docker instance the root user could do lookups on DNS but the discourse user couldn’t. This was because /etc/resolv.conf has 600 perms rather than 644

/etc/resolv.conf has wrong permissions on install

The discourse user which the apps is running as can’t read the file and therefore email polling Jobs::PollMailbox was failing due to having no available DNS servers.

(Sam Saffron) #2

This is all coming from docker … resolv.conf is one of the magic files docker places in the container.

sam@ubuntu ~ % docker run -it --rm local_discourse/standalone2 /bin/bash
root@ee729dc459f4:/# cd /etc/
root@ee729dc459f4:/etc# ls -al resolv.conf 
-rw-r--r-- 1 root root 189 May 22 03:30 resolv.conf

In our hosted containers:

root@tiefighter4-meta:/# cd /etc/
root@tiefighter4-meta:/etc# ls -al resolv.conf 
-rw-r--r-- 1 root root 118 May 22 01:32 resolv.conf

Maybe something wrong with your Docker install?

What version are you on?

(Stewart Robinson) #3

After running a ./launcher rebuild the perms were fixed. Until I had the issue I had never executed a shell inside the container.

root@io:~# docker info
Containers: 3
Images: 35
Storage Driver: devicemapper
 Pool Name: docker-202:0-115903-pool
 Pool Blocksize: 65.54 kB
 Backing Filesystem: extfs
 Data file:
 Metadata file:
 Data Space Used: 3.745 GB
 Data Space Total: 107.4 GB
 Data Space Available: 103.6 GB
 Metadata Space Used: 4.289 MB
 Metadata Space Total: 2.147 GB
 Metadata Space Available: 2.143 GB
 Udev Sync Supported: false
 Library Version: 1.02.82-git (2013-10-04)
Execution Driver: native-0.2
Kernel Version: 4.0.2-x86_64-linode56
Operating System: Ubuntu 14.04.2 LTS
CPUs: 6
Total Memory: 7.827 GiB
Name: io.indexventures.com
WARNING: No memory limit support
WARNING: No swap limit support
root@io:~# docker version
Client version: 1.6.2
Client API version: 1.18
Go version (client): go1.4.2
Git commit (client): 7c8fca2
OS/Arch (client): linux/amd64
Server version: 1.6.2
Server API version: 1.18
Go version (server): go1.4.2
Git commit (server): 7c8fca2
OS/Arch (server): linux/amd64

(Sam Saffron) #4

totally unsupported, you are going to need to get AUFS working, devicemapper is just broken in Docker.

(Stewart Robinson) #5

Unfortunately I think I’m in the Ubuntu 14.04 camp on Linode. I’ve just found a meta post from codinghorror suggesting to someone else they move host