docker-nginx-http3 icon indicating copy to clipboard operation
docker-nginx-http3 copied to clipboard

Published 20 hours ago verified publisher icon macbre

/var/log/nginx/error.log" failed (13: Permission denied)

Open jobe451 opened this issue 1 year ago • 1 comments
trafficstars

I just do not get this image to run, something with permissions is wrong.

docker logs nginx

I keep getting:

nginx: [alert] could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied)
2024/05/18 01:14:09 [emerg] 1#1: open() "/var/log/nginx/error.log" failed (13: Permission denied)

I do use this compose file on ubuntu 24.04. /docker/nginx and its subdirectory are all used by user/group nginx:nginx; uid/gid: 1002:1002.

services:
  nginx:
    image: macbre/nginx-http3
    build:
      context: ./nginx/
      args:
        NGINX_USER_UID: 1002
        NGINX_GROUP_GID: 1002
    environment:
      NGINX_USER_UID: 1002
      NGINX_GROUP_GID: 1002
    container_name: nginx
    user: nginx
    volumes:
     - /docker/nginx/etc/conf.d:/etc/nginx/conf.d/:ro
     - /docker/nginx/etc/main.d:/etc/nginx/main.d/:ro
     - /docker/nginx/html:/var/www/html:ro
     - /docker/nginx/logs:/var/log/nginx/:rw
    ports:
      - '80:80/tcp'

What am I doing wrong?

jobe451 avatar May 18 '24 01:05 jobe451 

    user: nginx

Did you try passing the numeric uid/gid pair here? nginx user may have a different uid on your host and inside the nginx container.

macbre avatar Jun 13 '24 16:06 macbre

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

github-actions[bot] avatar Aug 05 '24 02:08 github-actions[bot]

Hi, im not the biggest expert on these topics, but I accidently stumbled upon the same error. I think the error has to do something with this:

Comment out the bind mounted logs volume in your docker compose file:

# - /docker/nginx/logs:/var/log/nginx/:rw

Now the error disappeared

Bash into the container and type

ls -al /var/log/nginx

Results in

total 8
drwxr-xr-x 2 root root 4096 Aug 19 00:08 .
drwxr-xr-x 1 root root 4096 Aug 19 00:08 ..
lrwxrwxrwx 1 root root   11 Aug 19 00:08 access.log -> /dev/stdout
lrwxrwxrwx 1 root root   11 Aug 19 00:08 error.log -> /dev/stderr

This gives 2 files with simlinks (hence l in lrwxrwxrwx) to STDOUT. I guess thats why you cant (and dont have to?) bind mount the logs.

Please correct me if wrong, its just some observations, maybe pointing in the right direction.

Webstijlen avatar Aug 28 '24 14:08 Webstijlen

@Webstijlen - you're absolutely right! The bind definition (for the /var/log/nginx) should be commented out as it clashes with how the container is set up, i.e. to emit access logs to stdout and errors to stderr.

macbre avatar Aug 28 '24 19:08 macbre