Comments (8)
I figured out what happened and it had nothing to do with your code, sorry.
I copied my /var/lib/docker
to another partition using sudo
. I should have used a flag to preserve the owner permissions in hindsight, because now all files became owned by root
. At first it seemed everything worked okay, but there is an overlay2
folder that keeps the diff for images when a container modifies the files within a container. The result was that certain directories (like \tmp
and \var\lib\postfix
) now became owned by root inside the image.
I did not realize the problem was on my end, because when I switched between versions of your image the problem disappeared. But this was because the layers of the image are cached in overlay2
, so when I tried an image that did not exist previously I got the correct permissions.
So sorry for bothering you. At least now you know that there is a situation in which the permissions inside the container can be different as what is specified in Dockerfile
, but it's really an edge case that will not occur under normal usage, so it's not necessary to handle that in your script.
from docker-postfix.
Which version are you running? How are you running the image? Are you using any mounted directories? Do you have SKIP_ROOT_SPOOL_CHOWN set?
from docker-postfix.
The latest (latest-alpine
) ARM64 version, sha256:15cb222cf4b8472b1416d7bfcdc97d9eaceb287e3807545504e62d37595fb9e3
I also run it on a AMD64 server, and there I dont see this problem, so it might be possible it only happens on ARM.
The composefile is identical on both systems:
postfix:
hostname: postfix
container_name: postfix
image: "boky/postfix:latest-alpine"
environment:
- "HOSTNAME=XXX"
- "TZ=Europe/Amsterdam"
- "MYNETWORKS=0.0.0.0/0,[::]/0"
- "ALLOW_EMPTY_SENDER_DOMAINS=true"
- "RELAYHOST=XXX"
- "RELAYHOST_USERNAME=XXX"
- "RELAYHOST_PASSWORD=XXX"
volumes:
- "/mnt/data/postfix/etc:/etc/postfix"
- "/mnt/data/postfix/keys:/etc/opendkim/keys"
- "/mnt/data/postfix/spool:/var/spool/postfix"
ports:
- 25:25
networks:
- web
dns_search: .
restart: always
stop_grace_period: 2m
As you can see I have no SKIP_ROOT_SPOOL_CHOWN
set. And this compose file always worked until yesterday when I updated to the new image.
from docker-postfix.
I reverted back to v4.0.2-alpine
and it works without any permission problems.
So I am positive this regression in the ARM image was introduced recently. I was especially following latest
instead of edge
to avoid problems like this.
from docker-postfix.
This is really odd, as there were no changes that would cause this issue.
Are you running into this issue with v4.1.0
as well?
from docker-postfix.
I just tried and v4.1.0
also works fine.
from docker-postfix.
Odd. But since v4.1.0
works I think we can close this ticket. I'd still like to know what caused it, though, to avoid repeats. So if you run into any additional information, please do reopen it.
from docker-postfix.
That is in fact the case, but how is your /tmp/
not writtable?
from docker-postfix.
Related Issues (20)
- README - Incorrect UID/GID in Security HOT 1
- Rebuild alpine images HOT 1
- Docker healthcheck reports unhealthy due to syntax error HOT 1
- Not able to get the smtp-relay pod in ready state HOT 5
- Would want to use regex to do fancy masquerading HOT 4
- 530 when relaying through AWS SES HOT 2
- SASL authentication failure: No worthy mechs found HOT 2
- Log files are overflowing with milter messages HOT 1
- Can't create monitor on some nodes HOT 1
- Deployment doesn't use RELAYHOST for delivery HOT 4
- [Feature] Set healthcheck port in configuration options HOT 2
- Gmail not working? HOT 3
- /etc/default/locale: No such file or directory by cron calls HOT 2
- Using GMail as Relay: Way to generate tokens in README not working anymore HOT 2
- SASL passwords are created with the container's hostname as domain HOT 10
- prometheus without k8s HOT 1
- Relaying through Mailgun for multiple domains and username/passwords HOT 1
- Rootless postfix? HOT 1
- Helm upgrade from 4.1.0 to 4.2.0 failing: mapping key "name" already defined HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-postfix.