Overpass-API icon indicating copy to clipboard operation
Overpass-API copied to clipboard
verified publisher icon wiktorn

fcgiwrap can't list `/db`, leading to `runtime error: open64: 13 Permission denied /db/db//osm3s_osm_base Unix_Socket::7`

Open LogicalOverflow opened this issue 1 year ago • 1 comments

When running the docker container, any request to overpass just returns the following:

<?xml version="1.0" encoding="UTF-8"?>                                                                                                                                                                               <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <meta http-equiv="content-type" content="text/html; charset=utf-8" lang="en"/>
  <title>OSM3S Response</title>
</head>
<body>

<p>The data included in this document is from www.openstreetmap.org. The data is made available under ODbL.</p>
<p><strong style="color:#FF0000">Error</strong>: runtime error: open64: 13 Permission denied /db/db//osm3s_osm_base Unix_Socket::7 </p>

</body>
</html>

The issue seems to be caused by the /db directory being owned by the overpass user with drwx------ permission while fcgiwrap runs as the nginx user, meaning it does not have permission to list the files in /db. Either running chown nginx or chmod og+rx /db inside the container resolve the issue.

This occurs both with and without mounting /db as a volume.

As a workaround, I added OVERPASS_PLANET_PREPROCESS=chmod og+rx /db to the container environment variables, which resolves the issue.

For reference, I was using the following environment variables, though I have tried a variety of combinations and they all produced this error:

- OVERPASS_META=yes
- OVERPASS_MODE=init
- OVERPASS_PLANET_URL=file:///germany-latest.osm.bz2
- OVERPASS_USE_AREAS=false
- OVERPASS_STOP_AFTER_INIT=false
- OVERPASS_ALLOW_DUPLICATE_QUERIES=yes
- OVERPASS_RULES_LOAD=10

(The germany-latest.osm.bz2 file is pre-downloaded and mounted via a volume)

LogicalOverflow avatar Oct 17 '24 10:10 LogicalOverflow

Hey @LogicalOverflow , I was facing the same issue and I managed to make it work by mapping the /db directory to a directory inside my filesystem (ext4), without having it managed by docker: in you docker compose file:

volumes:
  <YOUR_VOLUME>:
[...]
services:
  overpass-api:
    image: wiktorn/overpass-api
    volumes:
      - <YOUR_VOLUME>:/db

becomes:

# No docker volume
services:
  overpass-api:
    image: wiktorn/overpass-api
    volumes:
      - ./<YOUR_LOCAL_DIRECTORY>:/db

I am trying to find a workaround so docker volumes can still be used without having to add OVERPASS_PLANET_PREPROCESS=chmod og+rx /db

MathurinV avatar Jan 08 '25 18:01 MathurinV