Hi,
I’m in the lecture 12 in “building images section” in the docker course. I follow the lecture with the same docker file code, but “npm install” pops error:
"
npm ERR! code EACCES
npm ERR! syscall access
npm ERR! path /app
npm ERR! errno -13
npm ERR! Error: EACCES: permission denied, access ‘/app’
npm ERR! [Error: EACCES: permission denied, access ‘/app’] {
npm ERR! errno: -13,
npm ERR! code: ‘EACCES’,
npm ERR! syscall: ‘access’,
npm ERR! path: ‘/app’
npm ERR! }
npm ERR!
npm ERR! The operation was rejected by your operating system.
npm ERR! It is likely you do not have the permissions to access this file as the current user
npm ERR!
npm ERR! If you believe this might be a permissions issue, please double-check the
npm ERR! permissions of the file and its containing directories, or try running
npm ERR! the command again as root/Administrator.
npm ERR! A complete log of this run can be found in:
npm ERR! /home/app/.npm/_logs/2021-05-28T12_53_18_531Z-debug.log
"
my code is as follows:
“”"
FROM node:14.16.0-alpine3.13
RUN addgroup app && adduser -S -G app app
USER app
WORKDIR /app
COPY . ./
RUN npm install
ENV API_URL=http://api.myapp.com/
EXPOSE 3000
“”"
Here is my Dockerfile:
FROM node:14.16.0-alpine3.13
RUN addgroup app && adduser -S -G app app
USER app
WORKDIR /app
RUN mkdir data
COPY package*.json .
RUN npm install
COPY . .
ENV API_URL=http://api.myapp.com/
EXPOSE 3000
CMD [“npm”, “start”]
The sequence of when npm install takes place has to happen BEFORE the “COPY . .” section but after the “COPY package*.json .” section (note the DOT after .json) for it to work.
I also didn’t have a slash on my "COPY . . " – not sure if that is also causing you problems.
Give that a try and see if you get the same result.
Hope that helps!
Cheers,
Kyle
No… it pops error like: “mkdir: can’t create directory ‘data’: Permission denied”, not even be able to make a directory. But when USER is changed to root, all is working…
1 Like
Yes – sounds like the app user was not created correctly.
You can drop the mkdir part – That’s for a future lesson on Volumes and Persistent Data.
Try going back and get your user permissions correct.
I think that is where your problem is hidding!
Cheers!
Thanks for the help. I just copy your code into my file and it turns out the issue. Could you please show how to correct the user permissions? Thanks again
In the lesson: Setting the User, Mosh uses one of the earlier images to start an Alpine Container.
In that lesson, you practice setting the groups and users.
This is where you learn to add the line:
RUN addgroup && adduser -S -G app app
… to your Dockerfile then:
USER app
Those two lines set up all the permissions.
Another example I’ve seen work is to break up the RUN line into individual lines:
# Create a user group 'xyzgroup'
RUN addgroup -S xyzgroup
# Create a user 'appuser' under 'xyzgroup'
RUN adduser -S -D -h /usr/app/src appuser xyzgroup
# Chown all the files to the app user.
RUN chown -R appuser:xyzgroup /usr/app
# Switch to 'appuser'
USER appuser
Another possibility is the “adduser” syntax.
Try using “useradd” instead of its interactive wrapper “adduser”
Hope that helps!
Cheers!
Note that the Code Example is an example – you will need to replace the actual directories and user names to match Mosh’s example.
I am still not fully understanding why I need to add a user, as far as I understand in linux, when I get the apline image, I will deal with the internal OS snapshot as “root” user
1 Like
Security – Security is the reason.
Your Dockerfile might get exposed. Better that it’s a limited user that gets hacked then root. Especially when you are running your app in the cloud.
Adding a user limits the “blast radius” of a hack… and is good practice.