Comments (22)
@stefda, As far as I can remember the solution was to disable chroot. You can take a look at this commit: EugenMayer/docker-image-rsyncd@c523032
from docker-sync.
Hey Eugen, I have some good and bad news concerning this issue :D
The good news: I managed to get the alpine-based image working and "solved" the permission error. The bad news: I had to disable the chroot
setting in rsyncd.conf
. I cannot say if this is acceptable for docker-sync's use case.
But it seems that we're not the only one with this issue, the user nabeken had the same issue with rsync and alpine linux (see this comment), but he decided to revert back to debian.
Nevertheless I've updated my fork with this 'solution'.
from docker-sync.
Hey Eugen, thank you for this awesome tool! Concerning this issue, would that be enough?
FROM alpine
RUN apk update
RUN apk add rsync
EXPOSE 873
ADD ./run /usr/local/bin/run
ENTRYPOINT ["/usr/local/bin/run"]
What will be included in ADD ./run /usr/local/bin/run
exactly?
from docker-sync.
Great and thanks!
FROM alpine
RUN apk --update add rsync
EXPOSE 873
ADD ./run /usr/local/bin/run
ENTRYPOINT ["/usr/local/bin/run"]
But we need at least to test drive it or compare the rsyncd revisions to ensure we have the same features.
Also probably the run script needs adjustment - iam not sure about useradd / groupadd and -u -g and things. Did you already try it?
from docker-sync.
As a first step, rsync-3.1.1-r2
is the rsync version which will be installed via apk
:
apk info -a rsync
rsync-3.1.1-r2 description:
A file transfer program to keep remote files in sync
rsync-3.1.1-r2 webpage:
http://samba.anu.edu.au/rsync/
rsync-3.1.1-r2 installed size:
454656
rsync-3.1.1-r2 depends on:
so:libacl.so.1
so:libc.musl-x86_64.so.1
so:libpopt.so.0
rsync-3.1.1-r2 provides:
rsync-3.1.1-r2 is required by:
rsync-3.1.1-r2 contains:
etc/rsyncd.conf
etc/logrotate.d/rsyncd
etc/init.d/rsyncd
etc/conf.d/rsyncd
usr/bin/rsync
rsync-3.1.1-r2 triggers:
rsync-3.1.1-r2 has auto-install rule:
rsync-3.1.1-r2 affects auto-installation of:
rsync-3.1.1-r2 replaces:
The run script does not work on my machine, but with the existing setup the current jessie-based image throws an permisson error as well, so I guess my test setup is the problem :D
from docker-sync.
probably you forget the OWNER/OWNERID GrOUP/GRORUPID env variables?
from docker-sync.
any hope to move this forward so i can add it in 0.0.12 together with the new alpine based unison image?
from docker-sync.
Hey, this is the most recent work I could get done: https://gist.github.com/Duske/d1ad66f3d77ac829a2625208b1814484
The run script seem to work, useradd and groupadd needed to be replaced with addgroup and adduser.
from docker-sync.
great! thank you. I will have a look and try to include this in 0.0.12
from docker-sync.
@Duske i tried to integrate it today, created https://github.com/EugenMayer/docker-rsyncd-image ..
git clone https://github.com/EugenMayer/docker-rsyncd-image
cd docker-rsyncd-image
docker-compose build
now clone the boilerplate
git clone https://github.com/EugenMayer/docker-sync-boilerplate
cd docker-sync-boilerplate/simplest
docker-sync start
You will see that we get a
@ERROR: Unknown module 'volume'
rsync error: error starting client-server protocol (code 5) at main.c(1719) [sender=3.1.2]
You can open a second shell, got into the simplest folder an run
docker-sync sync
And you will see the error again. Seems like the "volume" definition of the config did not get picked up?
I corrected the default values for user/group because they were -nobody .. not nobody ( was wront in the original image i guess ).
Do you feel brave enough taking this further?
from docker-sync.
I could reproduce this error on my windows machine at work. I've updated the gist with a different condition to check for the rsyncd.conf
file. This seems so solve the problem on this machine, but I cannot test it with the docker-sync commands :/
from docker-sync.
Duske, since you have all the work, just fork https://github.com/EugenMayer/docker-rsyncd-image and make a pull request, so people see you as a contributor at least. Otherwise i get all the praise, which i do not deserve.
Could you test the image at home now?
from docker-sync.
Hey Eugen, thank you for your support :) I've created a fork here and tested it on my machine. Unfortunately there seems to be a problem with permissions and rsync. I hope I can take a closer look on this tomorrow.
git clone https://github.com/EugenMayer/docker-sync-boilerplate
cd docker-sync-boilerplate/simplest
docker-sync start
Terminal output:
ok Starting rsync
rsync: failed to set permissions on "/index.html" (in volume): No such file or directory (2)
rsync error: some files could not be transferred (code 23) at /BuildRoot/Library/Caches/com.apple.xbs/Sources/rsync/rsync-47/rsync/main.c(992) [sender=2.6.9]
error Error starting sync, exit code 23
message
success Rsync server started
rsync: failed to set permissions on "/index.html" (in volume): No such file or directory (2)
rsync error: some files could not be transferred (code 23) at /BuildRoot/Library/Caches/com.apple.xbs/Sources/rsync/rsync-47/rsync/main.c(992) [sender=2.6.9]
error Error starting sync, exit code 23
message
success Starting to watch /Users/dchabrowski/Dev/playground/alpine-rsync/docker-sync-boilerplate/simplest/app - Press CTRL-C to stop
e^C shutdown Shutting down...
ok Stopping sync container simplest-sync
from docker-sync.
great, at least some progress and you are setup to test and be part of the team :)
from docker-sync.
Still couldn't find the root of this issue yet, I've compared the current image with the alpine-based one:
- the rsync version is 3.1.1 (protocol version 31), the same as in the current image
- user and group are created
- the path in the simplest example (/var/www) has the same permissions as in the current image
- the files actually get transferred, but with permission
-rw------- 1 nobody nogroup 41 Jul 13 20:52 index.html
- rsync daemon is executed as root, just as in the current image
rsyncd.conf current image
uid = nobody
gid = nogroup
use chroot = yes
log file = /dev/stdout
reverse lookup = no
[volume]
hosts deny = *
hosts allow = 192.168.0.0/16 172.16.0.0/12
read only = false
path = /var/www
comment = docker volume
rsyncd.conf alpine-based image
# Minimal configuration file for rsync daemon
# See rsync(1) and rsyncd.conf(5) man pages for help
# This line is required by the /etc/init.d/rsyncd script
pid file = /var/run/rsyncd.pid
use chroot = yes
read only = yes
uid = nobody
gid = nogroup
use chroot = yes
log file = /dev/stdout
reverse lookup = no
[volume]
hosts deny = *
hosts allow = 192.168.0.0/16 172.16.0.0/12
read only = false
path = /var/www
comment = docker volume
I've already tried to cut the first lines of the alpine-based rsyncd.conf to make it look like the current one, but it did not solve the problem
from docker-sync.
i try to catch up with this to support you, thanks for all your work!
from docker-sync.
I cannot see that we even slightly should care about chroot - this is a single purpose image, it has no secrets, it has nothing. It is local development only, no production use.
So i really do not mind about chroot, using it is the same as using a container for rsync :)
Thumbs up for solving this, shall we align this for 0.0.14
from docker-sync.
Can you create a pull request for it? Great contribution!
from docker-sync.
Sounds good to me, the PR is created :)
from docker-sync.
and merged! After i tested it, i close thise issue after pushed to hub.docker.com. Awesome
from docker-sync.
worked like a charm and started up a lot quicker then the debian based image. It pushed, online and live
from docker-sync.
@Duske, may I ask, how did you solve the rsync permissions issue on alpine? I've run into exactly the same problem, couldn't figure out a way around it and ended up using a jessie base image instead. I'd really appreciate your insight.
from docker-sync.
Related Issues (20)
- Feature Requestion: add update command HOT 1
- Default strategy for new Virtualization framework for Mac HOT 2
- Looking for changes - huge node_modules HOT 1
- File deleted on host still exists in app container HOT 11
- External network access and permission problems
- Enforcing one-way sync HOT 3
- `docker-sync -n` should create dummy volumes for non-started syncs
- Cannot start docker-sync with macOS Monterey - Apple M1 Chip HOT 2
- Bug: Wrong Unison image is pulled on M1 Mac HOT 4
- Docker sync daemon is crashing HOT 5
- `initialize': uninitialized constant DockerSync::DockerComposeSession HOT 4
- docker-sync start success, but I can't use docker-sync logs HOT 3
- Fatal error with Unison because of wrong default exclude definitions HOT 3
- Error in RSync strategy using the `sync_excludes` setting: undefined local variable or method `excludes_list' HOT 1
- Sync issue on MacOS 13.0 HOT 26
- `expand_ignore_strings`: undefined method `append` for Array HOT 3
- What's the "extra care" for using unison on OSX with sleep/hibernate. HOT 3
- Add support for passing --env-file to docker-sync start (using ENV file with/from different name or location)
- docker-sync start failed - /tmp/supervisor.sock no such file
- /docker-sync-1.0.5/tasks/sync/sync.thor:69:in `kill': Operation not permitted (Errno::EPERM) HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-sync.