Comments (21)
EibrielInv
commented on July 21, 2024
Adding this to Dockerfile:
USER $MOD_WSGI_USER:$MOD_WSGI_GROUP
Dockerfile:
FROM grahamdumpleton/mod-wsgi-docker:python-3.4
WORKDIR /app
RUN pip install Flask
RUN pip install requests
RUN pip install pymongo
RUN pip install Flask-Babel
COPY . /app
RUN pybabel compile -d web_server/web_server/translations
RUN mod_wsgi-docker-build
EXPOSE 80
ENTRYPOINT [ "mod_wsgi-docker-start" ]
USER $MOD_WSGI_USER:$MOD_WSGI_GROUP
CMD [ "--working-directory", "web_server", \
"--url-alias", "/web_server/static", "static", \
"web_server.wsgi" ]
The log output is:
(13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
from mod_wsgi-docker.
GrahamDumpleton
commented on July 21, 2024
While I work out what I have overlooked in latest changes, set the 'uid' option when running 'docker'. Eg:
docker run --rm -u 33 -t test1
That is '-u 33'.
That I believe should let it run at least.
I have been making various changes lately to allow it to be run as a non root container. I thought I had checked that it would still worke as root, but I must have made some further change after doing that check which broke it.
from mod_wsgi-docker.
GrahamDumpleton
commented on July 21, 2024
I don't get the problem though when running with the USER line in the Dockerfile as you do, which should effectively be the equivalent of the -u option on docker. What is the docker run command you are using? How are you using -p option of docker run to remap ports?
from mod_wsgi-docker.
EibrielInv
commented on July 21, 2024
Thanks!
My docker create command, it was working with an old cached version of mod_wsgi-docker:
docker create --link=widudev_devmain_1:widudev_devmain_1 -l widudev_devweb_1 --name=widudev_devweb_1 -p=8080:80 widudev_devweb:latest
Sadly is not helping, it has the same effect as USER $MOD_WSGI_USER:$MOD_WSGI_GROUP
With -u 33 docker run --rm -u 33 -t widudev_devweb:latest
Server URL : http://localhost/
Server Root : /tmp/mod_wsgi-localhost:80:33
Server Conf : /tmp/mod_wsgi-localhost:80:33/httpd.conf
Error Log File : |/usr/bin/tee (warn)
Startup Log File : /dev/tty
Request Capacity : 5 (1 process * 5 threads)
Request Timeout : 60 (seconds)
Queue Backlog : 100 (connections)
Queue Timeout : 45 (seconds)
Server Capacity : 20 (event/worker), 20 (prefork)
Server Backlog : 500 (connections)
Locale Setting : en_US.UTF-8
(13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
Without -u 33 docker run --rm -t widudev_devweb:latest
Server URL : http://localhost/
Server Root : /tmp/mod_wsgi-localhost:80:0
Server Conf : /tmp/mod_wsgi-localhost:80:0/httpd.conf
Error Log File : /dev/stderr (warn)
Startup Log File : /dev/stderr
Request Capacity : 5 (1 process * 5 threads)
Request Timeout : 60 (seconds)
Queue Backlog : 100 (connections)
Queue Timeout : 45 (seconds)
Server Capacity : 20 (event/worker), 20 (prefork)
Server Backlog : 500 (connections)
Locale Setting : en_US.UTF-8
[Fri Oct 23 20:13:19.577633 2015] [mpm_event:notice] [pid 1:tid 139987040724736] AH00489: Apache/2.4.17 (Unix) mod_wsgi/4.4.21 Python/3.4.3 configured -- resuming normal operations
[Fri Oct 23 20:13:19.577735 2015] [wsgi:alert] [pid 21:tid 139987040724736] (2)No such file or directory: mod_wsgi (pid=21): Unable to set groups for uname=www-data and gid=33.
[Fri Oct 23 20:13:19.578001 2015] [wsgi:alert] [pid 21:tid 139987040724736] mod_wsgi (pid=21): Failure to configure the daemon process correctly and process left in unspecified state. Restarting daemon process after delay.
[Fri Oct 23 20:13:19.578232 2015] [core:notice] [pid 1:tid 139987040724736] AH00094: Command line: 'httpd (mod_wsgi-express) -f /tmp/mod_wsgi-localhost:80:0/httpd.conf -E /dev/stderr -D MOD_WSGI_COMPRESS_RESPONSES -D MOD_WSGI_MPM_ENABLE_EVENT_MODULE -D MOD_WSGI_MPM_EXISTS_EVENT_MODULE -D MOD_WSGI_MPM_EXISTS_WORKER_MODULE -D MOD_WSGI_MPM_EXISTS_PREFORK_MODULE -D FOREGROUND'
[Fri Oct 23 20:13:19.578072 2015] [unixd:alert] [pid 22:tid 139987040724736] (2)No such file or directory: AH02157: initgroups: unable to set groups for User www-data and Group 33
[Fri Oct 23 20:13:39.598099 2015] [wsgi:alert] [pid 35:tid 139987040724736] (2)No such file or directory: mod_wsgi (pid=35): Unable to set groups for uname=www-data and gid=33.
[Fri Oct 23 20:13:39.598899 2015] [wsgi:alert] [pid 35:tid 139987040724736] mod_wsgi (pid=35): Failure to configure the daemon process correctly and process left in unspecified state. Restarting daemon process after delay.
from mod_wsgi-docker.
GrahamDumpleton
commented on July 21, 2024
Try with a really plain Dockerfile of:
FROM grahamdumpleton/mod-wsgi-docker:python-3.4
WORKDIR /app
RUN mod_wsgi-docker-build
EXPOSE 80
ENTRYPOINT [ "mod_wsgi-docker-start" ]
USER $MOD_WSGI_USER:$MOD_WSGI_GROUP
See if that at least works with:
docker run --rm -t test1
No -u option required.
from mod_wsgi-docker.
EibrielInv
commented on July 21, 2024
The output:
Server URL : http://localhost/
Server Root : /tmp/mod_wsgi-localhost:80:33
Server Conf : /tmp/mod_wsgi-localhost:80:33/httpd.conf
Error Log File : |/usr/bin/tee (warn)
Startup Log File : /dev/tty
Request Capacity : 5 (1 process * 5 threads)
Request Timeout : 60 (seconds)
Queue Backlog : 100 (connections)
Queue Timeout : 45 (seconds)
Server Capacity : 20 (event/worker), 20 (prefork)
Server Backlog : 500 (connections)
Locale Setting : en_US.UTF-8
(13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
from mod_wsgi-docker.
EibrielInv
commented on July 21, 2024
If I add the line RUN setcap 'cap_net_bind_service=+ep' /usr/local/apache/bin/httpd after RUN mod_wsgi-docker-build returns the following error:
Step 3 : RUN setcap 'cap_net_bind_service=+ep' /usr/local/apache/bin/httpd
---> Running in d683efa04d05
Failed to set capabilities on file `/usr/local/apache/bin/httpd' (Invalid argument)
The value of the capability argument is not permitted for a file. Or the file is not a regular (non-symlink) file
INFO[0016] The command [/bin/sh -c setcap 'cap_net_bind_service=+ep' /usr/local/apache/bin/httpd] returned a non-zero code: 1
Maybe is related?
from mod_wsgi-docker.
EibrielInv
commented on July 21, 2024
I've found the problem: fcap is not supported on AUFS, the storage backend used by Docker in my current configuration.
docker info | grep Driver
returns
Storage Driver: aufs
Execution Driver: native-0.2
WARNING: No swap limit support
I'll need some other way to bind to the ports
from mod_wsgi-docker.
GrahamDumpleton
commented on July 21, 2024
I will have a new image for you to try soon. Part of the problem relates to nss_wrapper library not working when used from root.
from mod_wsgi-docker.
GrahamDumpleton
commented on July 21, 2024
Try pulling down the latest image now. Don't use USER in the Dockerfile nor the -u option to docker run.
Even if that works, can you then try with USER in the Dockerfile so I know whether that makes a difference in that case.
from mod_wsgi-docker.
EibrielInv
commented on July 21, 2024
Without -u
docker run --rm -t test1
/usr/local/bin/mod_wsgi-docker-start: line 57: $NSS_WRAPPER_PASSWD: ambiguous redirect
/usr/local/bin/mod_wsgi-docker-start: line 58: $NSS_WRAPPER_GROUP: ambiguous redirect
/usr/local/bin/mod_wsgi-docker-start: line 60: $NSS_WRAPPER_PASSWD: ambiguous redirect
/usr/local/bin/mod_wsgi-docker-start: line 61: $NSS_WRAPPER_GROUP: ambiguous redirect
Server URL : http://localhost/
Server Root : /tmp/mod_wsgi-localhost:80:0
Server Conf : /tmp/mod_wsgi-localhost:80:0/httpd.conf
Error Log File : /dev/stderr (warn)
Startup Log File : /dev/stderr
Request Capacity : 5 (1 process * 5 threads)
Request Timeout : 60 (seconds)
Queue Backlog : 100 (connections)
Queue Timeout : 45 (seconds)
Server Capacity : 20 (event/worker), 20 (prefork)
Server Backlog : 500 (connections)
Locale Setting : en_US.UTF-8
[Fri Oct 23 22:50:32.748339 2015] [mpm_event:notice] [pid 1:tid 139685207697152] AH00489: Apache/2.4.17 (Unix) mod_wsgi/4.4.21 Python/3.4.3 configured -- resuming normal operations
[Fri Oct 23 22:50:32.748863 2015] [core:notice] [pid 1:tid 139685207697152] AH00094: Command line: 'httpd (mod_wsgi-express) -f /tmp/mod_wsgi-localhost:80:0/httpd.conf -E /dev/stderr -D MOD_WSGI_MPM_ENABLE_EVENT_MODULE -D MOD_WSGI_MPM_EXISTS_EVENT_MODULE -D MOD_WSGI_MPM_EXISTS_WORKER_MODULE -D MOD_WSGI_MPM_EXISTS_PREFORK_MODULE -D FOREGROUND'
With -u
docker run --rm -u 33 -t test1
/usr/local/bin/mod_wsgi-docker-start: line 57: $NSS_WRAPPER_PASSWD: ambiguous redirect
/usr/local/bin/mod_wsgi-docker-start: line 58: $NSS_WRAPPER_GROUP: ambiguous redirect
/usr/local/bin/mod_wsgi-docker-start: line 60: $NSS_WRAPPER_PASSWD: ambiguous redirect
/usr/local/bin/mod_wsgi-docker-start: line 61: $NSS_WRAPPER_GROUP: ambiguous redirect
NWRAP_ERROR(1) - nwrap_files_cache_reload: Unable to open '/.whiskey/passwd' readonly -1:No such file or directory
NWRAP_ERROR(1) - nwrap_files_cache_reload: Unable to open '/.whiskey/passwd' readonly -1:No such file or directory
Server URL : http://localhost/
Server Root : /tmp/mod_wsgi-localhost:80:33
Server Conf : /tmp/mod_wsgi-localhost:80:33/httpd.conf
Error Log File : |/usr/bin/tee (warn)
Startup Log File : /dev/tty
Request Capacity : 5 (1 process * 5 threads)
Request Timeout : 60 (seconds)
Queue Backlog : 100 (connections)
Queue Timeout : 45 (seconds)
Server Capacity : 20 (event/worker), 20 (prefork)
Server Backlog : 500 (connections)
Locale Setting : en_US.UTF-8
NWRAP_ERROR(1) - nwrap_files_cache_reload: Unable to open '/.whiskey/passwd' readonly -1:No such file or directory
NWRAP_ERROR(1) - nwrap_files_cache_reload: Unable to open '/.whiskey/passwd' readonly -1:No such file or directory
AH00543: httpd (mod_wsgi-express): bad user name www-data
Is working now using root 👍
from mod_wsgi-docker.
GrahamDumpleton
commented on July 21, 2024
That will teach me to test before committing. I couldn't download huge amounts of date to rebuild properly locally where I am. Try pulling again and try both tests.
from mod_wsgi-docker.
EibrielInv
commented on July 21, 2024
Without -u 33
docker run --rm -t test1
Server URL : http://localhost/
Server Root : /tmp/mod_wsgi-localhost:80:0
Server Conf : /tmp/mod_wsgi-localhost:80:0/httpd.conf
Error Log File : /dev/stderr (warn)
Startup Log File : /dev/stderr
Request Capacity : 5 (1 process * 5 threads)
Request Timeout : 60 (seconds)
Queue Backlog : 100 (connections)
Queue Timeout : 45 (seconds)
Server Capacity : 20 (event/worker), 20 (prefork)
Server Backlog : 500 (connections)
Locale Setting : en_US.UTF-8
[Sat Oct 24 15:16:31.653556 2015] [mpm_event:notice] [pid 1:tid 140043874408192] AH00489: Apache/2.4.17 (Unix) mod_wsgi/4.4.21 Python/3.4.3 configured -- resuming normal operations
[Sat Oct 24 15:16:31.653995 2015] [core:notice] [pid 1:tid 140043874408192] AH00094: Command line: 'httpd (mod_wsgi-express) -f /tmp/mod_wsgi-localhost:80:0/httpd.conf -E /dev/stderr -D MOD_WSGI_MPM_ENABLE_EVENT_MODULE -D MOD_WSGI_MPM_EXISTS_EVENT_MODULE -D MOD_WSGI_MPM_EXISTS_WORKER_MODULE -D MOD_WSGI_MPM_EXISTS_PREFORK_MODULE -D FOREGROUND'
With -u 33
run --rm -u 33 -t test1
Server URL : http://localhost/
Server Root : /tmp/mod_wsgi-localhost:80:33
Server Conf : /tmp/mod_wsgi-localhost:80:33/httpd.conf
Error Log File : |/usr/bin/tee (warn)
Startup Log File : /dev/tty
Request Capacity : 5 (1 process * 5 threads)
Request Timeout : 60 (seconds)
Queue Backlog : 100 (connections)
Queue Timeout : 45 (seconds)
Server Capacity : 20 (event/worker), 20 (prefork)
Server Backlog : 500 (connections)
Locale Setting : en_US.UTF-8
(13)Permission denied: AH00072: make_sock: could not bind to address [::]:80
(13)Permission denied: AH00072: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
AH00015: Unable to open logs
The could not bind to address error is ok, because will never work for me, using aufs storage driver is not possible to grant capabilities.
from mod_wsgi-docker.
EibrielInv
commented on July 21, 2024
I don't know if you want to close the issue, or we can try to find a workaround.
from mod_wsgi-docker.
GrahamDumpleton
commented on July 21, 2024
I am using aufs so I should be able to duplicate it then.
$ docker info | grep Driver
Storage Driver: aufs
Execution Driver: native-0.2
Logging Driver: json-file
I will risk the big downloads of a rebuild to see if can replicate again.
from mod_wsgi-docker.
GrahamDumpleton
commented on July 21, 2024
No go. Can't pull base images from Docker hub where I am for some reason. Will need to wait until tomorrow.
from mod_wsgi-docker.
GrahamDumpleton
commented on July 21, 2024
What Docker version is being used?
Still can't replicate even though using aufs.
from mod_wsgi-docker.
EibrielInv
commented on July 21, 2024
OS: Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-24-generic x86_64) on a Cloud Server (Virtual Machine)
Docker:
Client version: 1.6.2
Client API version: 1.18
Go version (client): go1.4.2
Git commit (client): 7c8fca2
OS/Arch (client): linux/amd64
Server version: 1.6.2
Server API version: 1.18
Go version (server): go1.4.2
Git commit (server): 7c8fca2
OS/Arch (server): linux/amd64
from mod_wsgi-docker.
GrahamDumpleton
commented on July 21, 2024
I am using:
Client:
Version: 1.8.2
API version: 1.20
Go version: go1.4.2
Git commit: 0a8c2e3
Built: Thu Sep 10 19:10:10 UTC 2015
OS/Arch: darwin/amd64
Server:
Version: 1.8.3
API version: 1.20
Go version: go1.4.2
Git commit: f4bf5c7
Built: Mon Oct 12 18:01:15 UTC 2015
OS/Arch: linux/amd64
So newer version of Docker.
My Synology NAS box uses Docker 1.6.2, so will try there and see if it works.
from mod_wsgi-docker.
GrahamDumpleton
commented on July 21, 2024
Confirmed that this problem occurs on Docker 1.6.2 but does not occur with Docker 1.8.2.
from mod_wsgi-docker.
EibrielInv
commented on July 21, 2024
Great, I'll upgrade then!
Thanks!!!!
from mod_wsgi-docker.
Related Issues (20)
- New Apache version HOT 1
- How do I modify the httpd.conf for apache? HOT 2
- static files HOT 16
- : "httpd (pid 7) already running" HOT 1
- Error while building on Windows 10 HOT 5
- docker hub fails with non-onbuild versions HOT 5
- Documentation about process owner HOT 1
- Support for Client Certificates HOT 11
- pip packages not getting cached HOT 9
- Documentation for mod_wsgi express command line flags HOT 1
- 403 error on root when using --mount-point HOT 1
- debian mirrors used in mod-wsgi-docker:python-3.5-onbuild image failing HOT 1
- Enable compress-responses / mod_deflate
- Context path or SCRIPT_NAME when deployed in docker, and proxied throgh front-end apache HOT 1
- ---
- Error while building python-2.7-onbuild HOT 2
- Debian Package Issues HOT 1
- Officially abandon mod_wsgi-docker project. HOT 3
- How to update limit-request-body using this image? HOT 8
- Failed to fetch jessie packages
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mod_wsgi-docker.