Docker和Mysql:libz.so.1:无法打开共享对象文件:权限被拒绝

Question

在这个Dockerfile中运行mysqld时(在我的Linux机器上,Linux 12.04)

Dockerfile:

FROM ubuntu:precise
RUN apt-get update
RUN apt-get install -y mysql-server

CMD ["/usr/sbin/mysqld"]

我明白了 mysqld: error while loading shared libraries: libz.so.1: cannot open shared object file: Permission denied

而通过boot2docker在我的Mac上运行它mysqld启动就好了.

我尝试了不同的基础docker图像:

• PHUSION/baseimage:0.9.8
• PHUSION/baseimage:0.9.1
• Ubuntu的:最新

我已在主机系统上运行apt-get update并apt-get upgrade(包括更新Mysql),我已重新启动主机系统.

关于如何进行的任何想法？

关于我的系统的信息:

$ docker version
Client version: 0.9.0
Go version (client): go1.2.1
Git commit (client): 2b3fdf2
Server version: 0.9.0
Git commit (server): 2b3fdf2
Go version (server): go1.2.1
Last stable version: 0.9.0

$ docker info
Containers: 37
Images: 340
Driver: aufs
Root Dir: /var/lib/docker/aufs
Dirs: 414
WARNING: No swap limit support

$ uname -a
Linux Ubuntu-1204-precise-64-minimal 3.8.0-37-generic #53~precise1-Ubuntu SMP Wed Feb 19 21:37:54 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

回答leeduhem关于libz.so.1权限的评论:

$ ls -l /lib/x86_64-linux-gnu/libz.so.1
lrwxrwxrwx 1 root root 15 Nov 10  2011 /lib/x86_64-linux-gnu/libz.so.1 -> libz.so.1.2.3.4

$ ls -l /lib/x86_64-linux-gnu/libz.so.1.2.3.4 
-rw-r--r-- 1 root root 92720 Nov 10  2011 /lib/x86_64-linux-gnu/libz.so.1.2.3.4

使用更改权限

$ chmod +x  /lib/x86_64-linux-gnu/libz.so.1.2.3.4 

我仍然得到错误.

跑步strace -o /tmp/mysql.strace mysqld和cat /tmp/mysql.strace给予

execve("/usr/sbin/mysqld", ["mysqld"], [/* 7 vars */]) = 0
brk(0)                                  = 0x7f4d41f7c000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4d403c5000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)
open("/lib/x86_64-linux-gnu/tls/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64-linux-gnu/tls/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/tls/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64-linux-gnu/tls", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64-linux-gnu/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)
stat("/lib/x86_64-linux-gnu", 0x7fff713907f0) = -1 EACCES (Permission denied)
open("/usr/lib/x86_64-linux-gnu/tls/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu/tls/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/tls/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu/tls", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64-linux-gnu/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64-linux-gnu", 0x7fff713907f0) = -1 EACCES (Permission denied)
open("/lib/tls/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/tls/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/lib/tls/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/tls", 0x7fff713907f0)        = -1 ENOENT (No such file or directory)
open("/lib/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib/x86_64", 0x7fff713907f0)     = -1 ENOENT (No such file or directory)
open("/lib/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/lib", 0x7fff713907f0)            = -1 EACCES (Permission denied)
open("/usr/lib/tls/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/tls/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/usr/lib/tls/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/tls", 0x7fff713907f0)    = -1 ENOENT (No such file or directory)
open("/usr/lib/x86_64/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib/x86_64", 0x7fff713907f0) = -1 ENOENT (No such file or directory)
open("/usr/lib/libz.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
stat("/usr/lib", 0x7fff713907f0)        = -1 EACCES (Permission denied)
writev(2, [{"mysqld", 6}, {": ", 2}, {"error while loading shared libra"..., 36}, {": ", 2}, {"libz.so.1", 9}, {": ", 2}, {"cannot open shared object file", 30}, {": ", 2}, {"Permission denied", 17}, {"\n", 1}], 10) = 107

---

查看跟踪似乎指示的目录/ lib和/ lib/x86_64-linux-gnu是不允许的:

$ ls -ld /lib
drwxr-xr-x 12 root root 4096 Dec 16 13:42 /lib

$ ls -ld /lib/x86_64-linux-gnu
drwxr-xr-x 3 root root 4096 Mar 17 13:39 /lib/x86_64-linux-gnu  

Answer 1

删除容器为我解决了这个问题.

更新:该解决方案的工作时间不长.

所以我一直在寻找并找到与Apparmor相关的东西.

如果您的主机上安装了mysql,Apparmor可能会限制对您的docker容器上安装的mysql访问此共享库.以下解决了这个问题:

#Type this on your host terminal
sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/
sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld

Answer 2

所以我按照@jpetazzo 的建议，使用 devicemapper 存储后端解决了这个问题。

我执行的步骤：

1. 停止了docker守护进程
2. docker用命令启动守护进程docker -d -s="devicemapper"
3. 冉docker run再上Dockerfile命令。它没有任何问题。