Create a alpine-based slim version of the rsync image about docker-sync HOT 22 CLOSED

@stefda, As far as I can remember the solution was to disable chroot. You can take a look at this commit: EugenMayer/docker-image-rsyncd@c523032

from docker-sync.

Hey Eugen, I have some good and bad news concerning this issue :D

The good news: I managed to get the alpine-based image working and "solved" the permission error. The bad news: I had to disable the chroot setting in rsyncd.conf. I cannot say if this is acceptable for docker-sync's use case.
But it seems that we're not the only one with this issue, the user nabeken had the same issue with rsync and alpine linux (see this comment), but he decided to revert back to debian.

Nevertheless I've updated my fork with this 'solution'.

from docker-sync.

Hey Eugen, thank you for this awesome tool! Concerning this issue, would that be enough?

FROM alpine
RUN apk update
RUN apk add rsync

EXPOSE 873

ADD ./run /usr/local/bin/run

ENTRYPOINT ["/usr/local/bin/run"]

What will be included in ADD ./run /usr/local/bin/run exactly?

from docker-sync.

Great and thanks!

FROM alpine
RUN apk --update add rsync

EXPOSE 873

ADD ./run /usr/local/bin/run

ENTRYPOINT ["/usr/local/bin/run"]

But we need at least to test drive it or compare the rsyncd revisions to ensure we have the same features.

Also probably the run script needs adjustment - iam not sure about useradd / groupadd and -u -g and things. Did you already try it?

from docker-sync.

As a first step, rsync-3.1.1-r2 is the rsync version which will be installed via apk:

apk info -a rsync

rsync-3.1.1-r2 description:
A file transfer program to keep remote files in sync

rsync-3.1.1-r2 webpage:
http://samba.anu.edu.au/rsync/

rsync-3.1.1-r2 installed size:
454656

rsync-3.1.1-r2 depends on:
so:libacl.so.1
so:libc.musl-x86_64.so.1
so:libpopt.so.0

rsync-3.1.1-r2 provides:

rsync-3.1.1-r2 is required by:

rsync-3.1.1-r2 contains:
etc/rsyncd.conf
etc/logrotate.d/rsyncd
etc/init.d/rsyncd
etc/conf.d/rsyncd
usr/bin/rsync

rsync-3.1.1-r2 triggers:

rsync-3.1.1-r2 has auto-install rule:

rsync-3.1.1-r2 affects auto-installation of:

rsync-3.1.1-r2 replaces:

The run script does not work on my machine, but with the existing setup the current jessie-based image throws an permisson error as well, so I guess my test setup is the problem :D

from docker-sync.

probably you forget the OWNER/OWNERID GrOUP/GRORUPID env variables?

from docker-sync.

any hope to move this forward so i can add it in 0.0.12 together with the new alpine based unison image?

from docker-sync.

Hey, this is the most recent work I could get done: https://gist.github.com/Duske/d1ad66f3d77ac829a2625208b1814484

The run script seem to work, useradd and groupadd needed to be replaced with addgroup and adduser.

from docker-sync.

great! thank you. I will have a look and try to include this in 0.0.12

from docker-sync.

@Duske i tried to integrate it today, created https://github.com/EugenMayer/docker-rsyncd-image ..

git clone https://github.com/EugenMayer/docker-rsyncd-image
cd docker-rsyncd-image
docker-compose build

now clone the boilerplate

git clone https://github.com/EugenMayer/docker-sync-boilerplate
cd docker-sync-boilerplate/simplest
docker-sync start

You will see that we get a

@ERROR: Unknown module 'volume'
rsync error: error starting client-server protocol (code 5) at main.c(1719) [sender=3.1.2]

You can open a second shell, got into the simplest folder an run

docker-sync sync

And you will see the error again. Seems like the "volume" definition of the config did not get picked up?

I corrected the default values for user/group because they were -nobody .. not nobody ( was wront in the original image i guess ).

Do you feel brave enough taking this further?

from docker-sync.

I could reproduce this error on my windows machine at work. I've updated the gist with a different condition to check for the rsyncd.conf file. This seems so solve the problem on this machine, but I cannot test it with the docker-sync commands :/

from docker-sync.

Duske, since you have all the work, just fork https://github.com/EugenMayer/docker-rsyncd-image and make a pull request, so people see you as a contributor at least. Otherwise i get all the praise, which i do not deserve.

Could you test the image at home now?

from docker-sync.

Hey Eugen, thank you for your support :) I've created a fork here and tested it on my machine. Unfortunately there seems to be a problem with permissions and rsync. I hope I can take a closer look on this tomorrow.

git clone https://github.com/EugenMayer/docker-sync-boilerplate
cd docker-sync-boilerplate/simplest
docker-sync start

Terminal output:

ok  Starting rsync
rsync: failed to set permissions on "/index.html" (in volume): No such file or directory (2)
rsync error: some files could not be transferred (code 23) at /BuildRoot/Library/Caches/com.apple.xbs/Sources/rsync/rsync-47/rsync/main.c(992) [sender=2.6.9]
       error  Error starting sync, exit code 23
     message
     success  Rsync server started
rsync: failed to set permissions on "/index.html" (in volume): No such file or directory (2)
rsync error: some files could not be transferred (code 23) at /BuildRoot/Library/Caches/com.apple.xbs/Sources/rsync/rsync-47/rsync/main.c(992) [sender=2.6.9]
       error  Error starting sync, exit code 23
     message
     success  Starting to watch /Users/dchabrowski/Dev/playground/alpine-rsync/docker-sync-boilerplate/simplest/app - Press CTRL-C to stop
e^C shutdown  Shutting down...
ok  Stopping sync container simplest-sync

from docker-sync.

great, at least some progress and you are setup to test and be part of the team :)

from docker-sync.

Still couldn't find the root of this issue yet, I've compared the current image with the alpine-based one:

• the rsync version is 3.1.1 (protocol version 31), the same as in the current image
• user and group are created
• the path in the simplest example (/var/www) has the same permissions as in the current image
• the files actually get transferred, but with permission -rw------- 1 nobody nogroup 41 Jul 13 20:52 index.html
• rsync daemon is executed as root, just as in the current image

rsyncd.conf current image

uid = nobody
gid = nogroup
use chroot = yes
log file = /dev/stdout
reverse lookup = no
[volume]
    hosts deny = *
    hosts allow = 192.168.0.0/16 172.16.0.0/12
    read only = false
    path = /var/www
    comment = docker volume

rsyncd.conf alpine-based image

# Minimal configuration file for rsync daemon
# See rsync(1) and rsyncd.conf(5) man pages for help

# This line is required by the /etc/init.d/rsyncd script
pid file = /var/run/rsyncd.pid
use chroot = yes
read only = yes

uid = nobody
gid = nogroup
use chroot = yes
log file = /dev/stdout
reverse lookup = no
[volume]
    hosts deny = *
    hosts allow = 192.168.0.0/16 172.16.0.0/12
    read only = false
    path = /var/www
    comment = docker volume

I've already tried to cut the first lines of the alpine-based rsyncd.conf to make it look like the current one, but it did not solve the problem

from docker-sync.

i try to catch up with this to support you, thanks for all your work!

from docker-sync.

I cannot see that we even slightly should care about chroot - this is a single purpose image, it has no secrets, it has nothing. It is local development only, no production use.

So i really do not mind about chroot, using it is the same as using a container for rsync :)

Thumbs up for solving this, shall we align this for 0.0.14

from docker-sync.

Can you create a pull request for it? Great contribution!

from docker-sync.

Sounds good to me, the PR is created :)

from docker-sync.

and merged! After i tested it, i close thise issue after pushed to hub.docker.com. Awesome

from docker-sync.

worked like a charm and started up a lot quicker then the debian based image. It pushed, online and live

from docker-sync.

@Duske, may I ask, how did you solve the rsync permissions issue on alpine? I've run into exactly the same problem, couldn't figure out a way around it and ended up using a jessie base image instead. I'd really appreciate your insight.

from docker-sync.