Mdthbs

how to convert Timestring to seconds

Do the 26 richest billionaires own as much wealth as the poorest 3.8 billion people?

What is the name of the technique when an element is repeated at different scales?

Why did moving the mouse cursor cause Windows 95 to run more quickly?

How to supply water to a coastal desert town with no rain and no freshwater aquifers?

How can power levels matter in a magic system that emphasizes control?

What instances can be solved today by modern solvers (pure LP)?

Chess problem: Make a crossword in 3 moves

What/Where usage English vs Japanese

How come having a Deathly Hallow is not a big deal?

Can a wizard delay learning new spells from leveling up, and instead learn different spells later?

Data normalization before or after train-test split?

Should I hide my travel history to the UK when I apply for an Australian visa?

Does a multiclassed wizard start with a spellbook?

Does Evolution Sage proliferate Blast Zone when played?

Olive oil in Japanese cooking

How can solar sailed ships be protected from space debris?

Did Snape really give Umbridge a fake Veritaserum potion that Harry later pretended to drink?

What does this value mean in a BJT datasheet?

Contributing to a candidate as a Foreign National US Resident?

What is the addition in the re-released version of Avengers: Endgame?

Machine Learning Golf: Multiplication

Why would "dead languages" be the only languages that spells could be written in?

How can I define a very large matrix efficiently?

Docker: Sending log files as non-root user to /dev/stdout

Runs monit as non-root userWhy does Docker need root privileges?How to run systemd services in Arch Linux Docker container?Run sudo command with non-root user in Docker containerJenkins in Docker doesn't have access to /dev/vboxnetctl for VirtualBoxHow share /dev/videoX devices between Chromium on host and Chromium in a docker containerHow to Run Root Aliases being a non-root user?Acecssing NFS share without root privilegesList IP tables in Docker ContainerRun a single process that can fork and clone as a non-root-user

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}

1

I'm trying to start a docker container, which has 2 services. One of those services needs to be run as a non-root User, otherwise he won't start. The other must run as root.

Now I want to link the non_root_service.log file to either /dev/tty or /dev/stdout, so that the logs could be catched by docker (check with docker logs $CONTAINER):

ln -s /dev/stdout non_root_service.log

The Problem is by doing so, that the non-root User has no rights to write to either /dev/tty or /dev/stdout resulting in the following error on startup of the non-root-service:

cannot open "non_root_service.log": Permission denied

But if I don't create the link, I could not catch the logs with docker logs $CONTAINER. Does anyone has an idea how that could be fixed, so that I could run the user as non-root AND link the log files to /dev/{tty,stdout}?

P.S.: Does not matter if I use as shell script CMD ["starter.sh"] or supervisor CMD ["supervisord", "-n", "-c", "/app/supervisord.conf"] to start the 2 services, I get with both the same error.

linux docker not-root-user

share|improve this question

asked Dec 10 '17 at 18:17

chevallierchevallier

1,07511 gold badge66 silver badges2626 bronze badges

bumped to the homepage by Community♦ 1 hour ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

add a comment | 

1

I'm trying to start a docker container, which has 2 services. One of those services needs to be run as a non-root User, otherwise he won't start. The other must run as root.

Now I want to link the non_root_service.log file to either /dev/tty or /dev/stdout, so that the logs could be catched by docker (check with docker logs $CONTAINER):

ln -s /dev/stdout non_root_service.log

The Problem is by doing so, that the non-root User has no rights to write to either /dev/tty or /dev/stdout resulting in the following error on startup of the non-root-service:

cannot open "non_root_service.log": Permission denied

But if I don't create the link, I could not catch the logs with docker logs $CONTAINER. Does anyone has an idea how that could be fixed, so that I could run the user as non-root AND link the log files to /dev/{tty,stdout}?

P.S.: Does not matter if I use as shell script CMD ["starter.sh"] or supervisor CMD ["supervisord", "-n", "-c", "/app/supervisord.conf"] to start the 2 services, I get with both the same error.

linux docker not-root-user

share|improve this question

asked Dec 10 '17 at 18:17

chevallierchevallier

1,07511 gold badge66 silver badges2626 bronze badges

bumped to the homepage by Community♦ 1 hour ago

This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.

add a comment | 

I'm trying to start a docker container, which has 2 services. One of those services needs to be run as a non-root User, otherwise he won't start. The other must run as root.

Now I want to link the non_root_service.log file to either /dev/tty or /dev/stdout, so that the logs could be catched by docker (check with docker logs $CONTAINER):

ln -s /dev/stdout non_root_service.log

The Problem is by doing so, that the non-root User has no rights to write to either /dev/tty or /dev/stdout resulting in the following error on startup of the non-root-service:

cannot open "non_root_service.log": Permission denied

But if I don't create the link, I could not catch the logs with docker logs $CONTAINER. Does anyone has an idea how that could be fixed, so that I could run the user as non-root AND link the log files to /dev/{tty,stdout}?

P.S.: Does not matter if I use as shell script CMD ["starter.sh"] or supervisor CMD ["supervisord", "-n", "-c", "/app/supervisord.conf"] to start the 2 services, I get with both the same error.

linux docker not-root-user

share|improve this question

asked Dec 10 '17 at 18:17

chevallierchevallier

1,07511 gold badge66 silver badges2626 bronze badges

ln -s /dev/stdout non_root_service.log

cannot open "non_root_service.log": Permission denied

share|improve this question

asked Dec 10 '17 at 18:17

chevallierchevallier

1,07511 gold badge66 silver badges2626 bronze badges

share|improve this question

asked Dec 10 '17 at 18:17

chevallierchevallier

1,07511 gold badge66 silver badges2626 bronze badges

asked Dec 10 '17 at 18:17

chevallierchevallier

1,07511 gold badge66 silver badges2626 bronze badges

asked Dec 10 '17 at 18:17

chevallierchevallier

1,07511 gold badge66 silver badges2626 bronze badges

1 Answer
1

active

oldest

votes

0

Maybe not the cleanest solution, but could you try this:

tail -f non_root_service.log &

To simply tail the file to stdout and background the tail process? You might also try tailing straight to the stdout p:

ln -s ln -fs /proc/self/fd/1 non_root_service.log

However, are you sure that you have rights to the non_root_service.log file? What do you see if you run stat non_root_service.log and whoami?

share|improve this answer

edited Dec 11 '17 at 5:11

answered Dec 11 '17 at 5:04

Dave KerrDave Kerr

10133 bronze badges

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f410080%2fdocker-sending-log-files-as-non-root-user-to-dev-stdout%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

0

Maybe not the cleanest solution, but could you try this:

tail -f non_root_service.log &

To simply tail the file to stdout and background the tail process? You might also try tailing straight to the stdout p:

ln -s ln -fs /proc/self/fd/1 non_root_service.log

However, are you sure that you have rights to the non_root_service.log file? What do you see if you run stat non_root_service.log and whoami?

share|improve this answer

edited Dec 11 '17 at 5:11

answered Dec 11 '17 at 5:04

Dave KerrDave Kerr

10133 bronze badges

add a comment | 

0

Maybe not the cleanest solution, but could you try this:

tail -f non_root_service.log &

To simply tail the file to stdout and background the tail process? You might also try tailing straight to the stdout p:

ln -s ln -fs /proc/self/fd/1 non_root_service.log

However, are you sure that you have rights to the non_root_service.log file? What do you see if you run stat non_root_service.log and whoami?

share|improve this answer

edited Dec 11 '17 at 5:11

answered Dec 11 '17 at 5:04

Dave KerrDave Kerr

10133 bronze badges

add a comment | 

Maybe not the cleanest solution, but could you try this:

tail -f non_root_service.log &

To simply tail the file to stdout and background the tail process? You might also try tailing straight to the stdout p:

ln -s ln -fs /proc/self/fd/1 non_root_service.log

However, are you sure that you have rights to the non_root_service.log file? What do you see if you run stat non_root_service.log and whoami?

share|improve this answer

edited Dec 11 '17 at 5:11

answered Dec 11 '17 at 5:04

Dave KerrDave Kerr

10133 bronze badges

tail -f non_root_service.log &

share|improve this answer

edited Dec 11 '17 at 5:11

answered Dec 11 '17 at 5:04

Dave KerrDave Kerr

10133 bronze badges

answered Dec 11 '17 at 5:04

Dave KerrDave Kerr

10133 bronze badges

answered Dec 11 '17 at 5:04

Dave KerrDave Kerr

10133 bronze badges