Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Deploying in a Linux target yields permissions errors #15

Open
simonprev opened this issue Aug 8, 2024 · 2 comments
Open

Deploying in a Linux target yields permissions errors #15

simonprev opened this issue Aug 8, 2024 · 2 comments
Assignees
Labels
bug Something isn't working question Further information is requested

Comments

@simonprev
Copy link

Description

Deploying to ECS/Fargate yields permissions error

2024/08/07 15:08:23 [crit] 35#35: *35 connect() to unix:/var/run/php/php-fpm.sock failed (13: Permission denied) while connecting to upstream, client: 10.0.128.102, server: _, request: "GET /ping HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php-fpm.sock:", host: "10.0.34.223:8080"

CRIT Supervisor is running as root. Privileges were not dropped because no user is specified in the config file. If you intend to run as root, you can set user=root in the config file to avoid this message.

ERROR: failed to open error_log (/proc/self/fd/2): Permission denied (13)

As I understand it, ECS execute tasks as user root. There is a mismatch somewhere with php-fpm/supervisord/nginx. The closest report of the bug I found was this: https://github.com/shipping-docker/vessel-docs/blob/master/source/docs/linux-permissions.md#docker-and-linux-permissions

If I force the task to execute as appuser, it also yields other permissions errors.

The bug is not present in my macos dev setup.

Steps to reproduce

  1. Build a docker image with the default Dockerfile in the examples
  2. Deploy it in a linux environment
  3. See error about permissions
@simonprev simonprev added the bug Something isn't working label Aug 8, 2024
@jasonmccallister jasonmccallister self-assigned this Sep 5, 2024
@jasonmccallister
Copy link
Member

Hi @simonprev, we are deploying these images to ECS and I have not seen this issue. I will try to reproduce this and let you know what I find.

@jasonmccallister
Copy link
Member

@simonprev I've deployed a few more projects to ECS using these images and cannot reproduce, can you provide more details (e.g. config) on your ECS task definition and service?

@jasonmccallister jasonmccallister added the question Further information is requested label Dec 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants