-
Notifications
You must be signed in to change notification settings - Fork 20
[BUG] incorrect permissions on /usr/share/opensearch/ in docker container #35
Comments
This prevents starting the image also when user namespace remapping is on:
|
Hi, we are currently not using this repo for docker images. Here is the latest setup on docker for OpenSearch/Dashboards: Also, if you are using kubernetes use init containers to change the folder permission or ownership and then start the containers. Or you can rebuilt the opensearch image with your desired user uid. Thanks. |
Hi Peter, how could you use init containers to set folder permissions in a following opensearch container? Can you please scheme how that would work? Thanks and Regards. |
What is the bug?
In the docker image opensearchproject/opensearch:2.9.0 the permission for the opensearch folder is causing issues
[opensearch@dc433e3d119d ~]$ ls -ld /usr/share/opensearch/
drwx------ 1 opensearch opensearch 4096 Jul 18 22:43 /usr/share/opensearch/
How can one reproduce the bug?
Run the image in a kubernetes pod where the securityContext assigns a random UID for the user, for example 1000800000
Since the opensearch folder is only accessible for the opensearch user with UID 1000 the entrypoint script /usr/share/opensearch/opensearch-docker-entrypoint.sh cannot be run
What is the expected behavior?
Since the script itself is set with these permissions: -rwxr-xr-x (allow other to read and execute) it would be logical for the previous directories to have the same permissions
What is your host/environment?
Kubernetes OpenSearch cluster
Do you have any screenshots?
N/A
Do you have any additional context?
The text was updated successfully, but these errors were encountered: