On 10/4/21 13:58, Christopher.Miller@gd-ms.com wrote:

 

 

First time poster. Coming from a Docker background, using Podman since May of this year.

Help me make sense of this.

I am testing applying certs to a container in our dev environment, before replicating it to our production container. It was running as expected, and now I’m having issues when running the same commands (I’ve deleted the old container first before starting the work again).

If I run the following command:

sudo podman run -d --name hosta-nexus -p 8081:80 -v /opt/nexus:/nexus-data:Z -v /data/storage:/storage:Z docker.io/sonatype/nexus3:3.30.0

[usera@hosta /]$ sudo podman run --name hosta-nexus -p 8081:80 -v /opt/nexus:/nexus-data:Z -v /data/storage:/storage:Z docker.io/sonatype/nexus3:3.30.0
mkdir: cannot create directory '../sonatype-work/nexus3': Permission denied
mkdir: cannot create directory '../sonatype-work/nexus3': Permission denied
Warning:  Cannot open log file: ../sonatype-work/nexus3/log/jvm.log
Warning:  Forcing option -XX:LogFile=/tmp/jvm.log
OpenJDK 64-Bit Server VM warning: Cannot open file ../sonatype-work/nexus3/log/jvm.log due to Permission denied
java.io.FileNotFoundException: ../sonatype-work/nexus3/tmp/i4j_ZTDnGON8hezynsMX2ZCYAVDtQog=.lock (Permission denied)
                at java.io.RandomAccessFile.open0(Native Method)
                at java.io.RandomAccessFile.open(RandomAccessFile.java:316)
                at java.io.RandomAccessFile.<init>(RandomAccessFile.java:243)
                at com.install4j.runtime.launcher.util.SingleInstance.check(SingleInstance.java:72)
                at com.install4j.runtime.launcher.util.SingleInstance.checkForCurrentLauncher(SingleInstance.java:31)
                at com.install4j.runtime.launcher.UnixLauncher.checkSingleInstance(UnixLauncher.java:88)
                at com.install4j.runtime.launcher.UnixLauncher.main(UnixLauncher.java:67)
java.io.FileNotFoundException: /nexus-data/karaf.pid (Permission denied)
                at java.io.FileOutputStream.open0(Native Method)
                at java.io.FileOutputStream.open(FileOutputStream.java:270)
                at java.io.FileOutputStream.<init>(FileOutputStream.java:213)
                at java.io.FileOutputStream.<init>(FileOutputStream.java:101)
                at org.apache.karaf.main.InstanceHelper.writePid(InstanceHelper.java:127)
                at org.apache.karaf.main.Main.launch(Main.java:243)
                at org.sonatype.nexus.karaf.NexusMain.launch(NexusMain.java:113)
                at org.sonatype.nexus.karaf.NexusMain.main(NexusMain.java:52)
                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                at java.lang.reflect.Method.invoke(Method.java:498)
                at com.exe4j.runtime.LauncherEngine.launch(LauncherEngine.java:85)
                at com.install4j.runtime.launcher.UnixLauncher.main(UnixLauncher.java:69)
java.lang.RuntimeException: /nexus-data/log/karaf.log (Permission denied)
                at org.apache.karaf.main.util.BootstrapLogManager.getDefaultHandlerInternal(BootstrapLogManager.java:102)
                at org.apache.karaf.main.util.BootstrapLogManager.getDefaultHandlersInternal(BootstrapLogManager.java:137)
                at org.apache.karaf.main.util.BootstrapLogManager.getDefaultHandlers(BootstrapLogManager.java:70)
                at org.apache.karaf.main.util.BootstrapLogManager.configureLogger(BootstrapLogManager.java:75)
                at org.apache.karaf.main.Main.launch(Main.java:244)
                at org.sonatype.nexus.karaf.NexusMain.launch(NexusMain.java:113)
                at org.sonatype.nexus.karaf.NexusMain.main(NexusMain.java:52)
                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
                at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
                at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
                at java.lang.reflect.Method.invoke(Method.java:498)
                at com.exe4j.runtime.LauncherEngine.launch(LauncherEngine.java:85)
                at com.install4j.runtime.launcher.UnixLauncher.main(UnixLauncher.java:69)
Caused by: java.io.FileNotFoundException: /nexus-data/log/karaf.log (Permission denied)
                at java.io.FileOutputStream.open0(Native Method)
                at java.io.FileOutputStream.open(FileOutputStream.java:270)
                at java.io.FileOutputStream.<init>(FileOutputStream.java:213)
                at org.apache.karaf.main.util.BootstrapLogManager$SimpleFileHandler.open(BootstrapLogManager.java:193)
                at org.apache.karaf.main.util.BootstrapLogManager$SimpleFileHandler.<init>(BootstrapLogManager.java:182)
                at org.apache.karaf.main.util.BootstrapLogManager.getDefaultHandlerInternal(BootstrapLogManager.java:100)
                ... 12 more
Error creating bundle cache.
Unable to update instance pid: Unable to create directory /nexus-data/instances
Exception in thread "Thread-2" java.lang.SecurityException: Could not lock User prefs. Lock file access denied.
                at java.util.prefs.FileSystemPreferences.checkLockFile0ErrorCode(FileSystemPreferences.java:949)
                at java.util.prefs.FileSystemPreferences.lockFile(FileSystemPreferences.java:937)
                at java.util.prefs.FileSystemPreferences.sync(FileSystemPreferences.java:741)
                at java.util.prefs.FileSystemPreferences.flush(FileSystemPreferences.java:836)
                at java.util.prefs.FileSystemPreferences.syncWorld(FileSystemPreferences.java:476)
                at java.util.prefs.FileSystemPreferences.access$1200(FileSystemPreferences.java:50)
                at java.util.prefs.FileSystemPreferences$4$1.run(FileSystemPreferences.java:454)

The following directories already exist on the host: /opt/nexus and /data/storage, and are owned by nexus:nexus and the file permissions are 755.

BUT, if I run the following command (with user 0):

sudo podman run -dit --name hosta-nexus -u 0 -p 8081:80 -v /opt/nexus:/nexus-data:Z -v /data/storage:/storage:Z docker.io/sonatype/nexus3:3.30.0

Why was the container running without the -u 0, and now I'm getting permission denied at rootless? Is there something, somewhere that is persisting that is causing the issue?

Also to clear things up, I’m opening the following port on the Container to the Host: 8081:80, but if I type in localhost:8081 or localhost:80, the UI won’t come up. I have to inspect the running container, get the IP address, and then put in that IP address:8081 and then the web page comes up. I’m not sure what I’m doing incorrectly here.

Thanks

Chris


_______________________________________________
Podman mailing list -- podman@lists.podman.io
To unsubscribe send an email to podman-leave@lists.podman.io

I am guessing this is an SELinux issue. Perhaps `sudo restorecon -R -v /var/lib/containers` might fix it.

You can run `sudo ausearch -m avc -ts recent` after it fails to see if SELinux is involved.
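
One way to read the `ausearch -m avc` output suggested above, as an added example that is not part of the original thread: it keeps only denials raised against a container domain and groups them, so it is clear whether SELinux or ordinary file permissions blocked the writes. The function names and the sample records are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Constructed sample in the record format `ausearch -m avc` prints; these
# denials are illustrative and were not posted in the thread.
sample_avc() {
cat <<'EOF'
type=AVC msg=audit(1633370281.114:901): avc:  denied  { write } for  pid=4312 comm="java" name="nexus" dev="dm-0" ino=131 scontext=system_u:system_r:container_t:s0:c12,c34 tcontext=unconfined_u:object_r:usr_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1633370281.120:902): avc:  denied  { write } for  pid=4312 comm="java" name="nexus" dev="dm-0" ino=131 scontext=system_u:system_r:container_t:s0:c12,c34 tcontext=unconfined_u:object_r:usr_t:s0 tclass=dir permissive=0
type=AVC msg=audit(1633370290.002:903): avc:  denied  { read } for  pid=990 comm="sshd" name="shadow" dev="dm-0" ino=77 scontext=system_u:system_r:sshd_t:s0 tcontext=system_u:object_r:shadow_t:s0 tclass=file permissive=0
EOF
}

# Summarise AVC denials whose source domain is a container type.
# Prints "count comm {perms} tclass name target_type", one line per distinct denial.
summarize_container_avc() {
  awk '
    /avc: +denied/ {
      split("", f)                           # clear key=value fields of the previous record
      perms = $0; sub(/.*[{] */, "", perms); sub(/ *[}].*/, "", perms)
      for (i = 1; i <= NF; i++) {
        eq = index($i, "="); if (!eq) continue
        v = substr($i, eq + 1); gsub(/"/, "", v)
        f[substr($i, 1, eq - 1)] = v
      }
      split(f["scontext"], s, ":"); split(f["tcontext"], t, ":")
      if (s[3] !~ /^container/) next         # denial is not about a container process
      seen[f["comm"] " {" perms "} " f["tclass"] " " f["name"] " " t[3]]++
    }
    END { for (d in seen) print seen[d], d }' | sort -rn
}

# Decide which layer to look at next, from the audit records on stdin.
selinux_verdict() {
  if [ -n "$(summarize_container_avc)" ]; then
    echo "selinux: container denied, check labels on the bind-mounted paths"
  else
    echo "no container AVC: check ordinary ownership and mode bits"
  fi
}

# Live use on the host: sudo ausearch -m avc -ts recent | summarize_container_avc
sample_avc | summarize_container_avc
```

A target type such as `usr_t` on a volume path means the `:Z` relabel did not take effect; no container denials at all points away from SELinux and toward UID/GID ownership of the host directories.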