Hi Nick,
Thanks very much for the response. The suggestion greatly helped and I am
now unblocked.
Also, based on
https://github.com/coreos/fedora-coreos-tracker/issues/256 ,
I also ran the below commands
$ sudo echo "$(getent group docker)" >> /etc/group
$ sudo usermod -aG docker core
Thanks again for the help.
Regards
/Shivaram
On Fri, Aug 23, 2019 at 10:49 PM Nick Stielau <nstielau(a)redhat.com> wrote:
Hey Shivaram!
I don't have my laptop so just guessing, with the hope of unblocking you
before you get a better answer ;)
It could be an selinux denial? Container Linux never had selinux
configured meaningfully. You can check with "sestatus". Try adding
":z"
to your --volume flags, which might help until you can properly label the
files for selinux. Or maybe selinux is not enforcing and it's something
totally different.
Good luck!
On Fri, Aug 23, 2019, 7:58 PM Shivaram Mysore <shivaram.mysore(a)gmail.com>
wrote:
> Hello,
>
> I have a simple service definition file - nginx-test.service and located
> in user *core* home directory (/var/home/core) :
>
> [Unit]
> Description=This a basic Nginx service for a testing
> After=docker.service
> Requires=docker.service
>
> [Install]
> WantedBy=multi-user.target
>
> [Service]
> RestartSec=10
> Restart=always
> ExecStartPre=-/usr/bin/docker kill nginx-test
> ExecStartPre=-/usr/bin/docker rm nginx-test
> ExecStart=/usr/bin/docker run \
> --name=nginx-test \
> --network=host \
> --volume=/var/home/core/nginx/config:/etc/nginx/conf \
> --volume=/var/home/core/nginx/html:/usr/share/nginx/html \
> nginx:1.17.2-alpine nginx -c /etc/nginx/conf/nginx.conf -g "daemon off;"
> ExecStop=/usr/bin/docker stop nginx-test
>
> This file is:
> $ sudo cp nginx-test.service /etc/systemd/system/
> $ sudo systemctl daemon-reload
> $ sudo systemctl start nginx-test
> $ pwd
> /var/home/core
> $ tree nginx
> nginx
> ├── config
> │ └── nginx.conf
> └── html
> └── index.html
>
> This exact configuration works on my CoreOS AMI on AWS - which we use for
> the last couple of years. But, it does not work with Fedora CoreOS on my
> bare metal hardware. I even changed directory/file permissions on nginx
> from core to root and still get the errors:
>
> Aug 24 02:53:36 rhino docker[28805]: nginx-test
> Aug 24 02:53:36 rhino systemd[1]: Started This a basic Nginx service for
> a testing.
> Aug 24 02:53:37 rhino docker[28813]: 2019/08/24 02:53:37 [emerg] 1#1:
> open() "/etc/nginx/conf/nginx.conf" failed (13: Permission denied)
> Aug 24 02:53:37 rhino docker[28813]: nginx: [emerg] open()
> "/etc/nginx/conf/nginx.conf" failed (13: Permission denied)
> Aug 24 02:53:38 rhino systemd[1]: nginx-test.service: Main process
> exited, code=exited, status=1/FAILURE
> Aug 24 02:53:38 rhino systemd[1]: nginx-test.service: Failed with result
> 'exit-code'.
>
> $ ls -l nginx/config/
> total 4
> -rw-r--r--. 1 root root 3735 Aug 24 01:08 nginx.conf
>
> Is there a new way to make this work?
>
> Thanks & Regards
>
> /Shivaram
> _______________________________________________
> CoreOS mailing list -- coreos(a)lists.fedoraproject.org
> To unsubscribe send an email to coreos-leave(a)lists.fedoraproject.org
> Fedora Code of Conduct:
>
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
>
https://lists.fedoraproject.org/archives/list/coreos@lists.fedoraproject.org
>