Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

Alpine Docker ERROR: Unable to lock database: Permission denied ERROR: Failed to open apk database: Permission denied

So I have used the default docker for testcafe which on docker hub is testcafe/testcafe and I have to run a few testcafe scripts.

However, I need the screenshot that fires on error, to be uploaded to somewhere where I can look at it later after the docker image is done running.

I am using the Imgur program which uses bash so I re-did a few things to make it sh compatible and everything works except I need curl. I tried running

apk add curl
but I'm getting the error 
ERROR: Unable to lock database: Permission denied ERROR: Failed to open apk database: 
Now I no this means that I do not have permission to do this but can I get around this is there some way to become root (this is in bitbucket pipeline).  
I do NOT really want to create my own docker.
Also note all questions I have found relating to this are about installing while creating the docker, however, my question is how to do this after the docker is created.  thx (a fine answer would be another way to save the screen shot, but preferably not with ssh).
                You can add the -u="root" command when running a container:    docker run -it -u="root" testcafe/testcafe Is this what you are after?
– Marion
                Jun 7, 2018 at 12:05
                @Vladimir_314159 You should really give a try to @Marion's suggestion because specifying a user on the docker command line will run the default or provided command as that user in the container (hence if you start a shell, you'll end with a shell as root, which is what you probably need to be able to apk add). I faced exactly the same problem as you describe and it was the solution.
– Guillaume G.
                Jun 8, 2018 at 17:52
                If the container is already running, you can specify the user for docker exec as well: docker exec -it -u=root <container-name> bash and then do apk add curl
– Matthew
                Nov 3, 2020 at 21:05
For those seeing this error using a Dockerfile (and coming here via a Google search): add the following line to your Dockerfile:
USER root
                If I do not want to use root. What should I add in this command RUN addgroup -S something && adduser -S -G something something to make it run apk add?
– kamal
                Sep 18, 2019 at 11:46
                Insecure, but it works. It was a permissions issue for the agent running the Dockerfile. For Reference -- I ran into this setting up a Dockerfile build for a Digital Ocean Jenkins CI server (I needed to APK ADD NodeJS and NVM, etc.).
– RoboBear
                Nov 21, 2019 at 0:55
                @kamal the way i fixed it is that I simply used the RUN addgroup -S something && adduser -S -G something something after the apk add comment. Probalby not fitting for every scenario though.
– LOLWTFasdasd asdad
                Mar 16, 2020 at 16:58
                This indeed fixed the issue, just make sure to run 'USER nobody' at the end of your Dockerfile.
– Felipe Plazas
                Oct 2, 2020 at 14:41
                are their any consequences while using this container? or we need to modify entrypoiny/cmd in order to login as root always?
– kAmol
                Jun 2, 2021 at 4:50
Hopefully this will help anyone who is not interested in creating a new container.
If you are trying to enter into your docker container like so:
docker exec -it <containername> /bin/sh
Instead, try this:
docker exec -it --user=root <containername> /bin/sh
                A lifesaver right here. I just needed to debug something in a docker container running on the server. I didn't want to have to rebuild my docker image.
– DJ House
                Nov 30, 2022 at 19:50
The best fix is to place USER <youruser> AFTER the lines where your docker build is failing. In most cases it is safe to add the USER line directly above the command or entrypoint.
For example:
FROM python:3.8.0-alpine
RUN addgroup -S app && adduser -S -G app app
RUN apk add --no-cache libmaxminddb postgresql-dev gcc musl-dev
ADD . .
USER app
ENTRYPOINT ["scripts/entrypoint.sh"]
CMD ["scripts/gunicorn.sh"]
For those seeing this error when running through a Jenkins pipeline script (and coming hre via a Google search), use the following when starting your Docker image:
node('docker') {
  docker.image('golang:1.14rc1-alpine3.11').inside(' -u 0') {
    sh 'apk add curl'
                When using a declarative pipeline add args '-u 0' inside docker { } before defining the image
– Thomas Göhringer
                May 14, 2020 at 8:22
docker exec -it --user root container-name sh
For Kubernetes pods, it is a bit more complicated. If your image is built with a non-root user and also you cannot run pods with a root user inside your cluster, you need to install the packages with this method:
Identify the user which the pod is using
        
Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.