打开查询日志文件时出错” file=/prometheus/queries.active err="open /prometheus/queries.active: 权限被拒绝

Question

尝试使用非 root 用户运行 prometheus，并尝试了https://github.com/prometheus/prometheus/issues/5976中的许多建议后，它对我不起作用，我得到：

level=error ts=xxxxxxxx caller=query_logger.go:87 component=activeQueryTracker msg="Error opening query log file" file=/prometheus/queries.active err="open /prometheus/queries.active: permission denied"
level=error ts=xxxxxxx caller=query_logger.go:87 component=activeQueryTracker msg="Error opening query log file" file=/prometheus/queries.active err="open /prometheus/queries.active: permission denied"
    
panic: Unable to create mmap-ed active query log
    panic: Unable to create mmap-ed active query log

下面是我的 Dockerfile：

FROM <xxxx>

ARG PROMETHEUS_VERSION=2.17.2

# Dependencies
RUN apk add --update --no-cache \
    ruby=~2 \
    curl=~7

# Download prometheus
RUN curl -k -LSs --output /tmp/prometheus.tar.gz \
    https://github.com/prometheus/prometheus/releases/download/v${PROMETHEUS_VERSION}/prometheus-${PROMETHEUS_VERSION}.linux-amd64.tar.gz && \
    tar -C /tmp --strip-components=1 -zoxf /tmp/prometheus.tar.gz && \
    rm -f /tmp/prometheus.tar.gz && \
    mkdir -p /usr/share/prometheus && \
    mv /tmp/prometheus /bin/ && \
    mv /tmp/promtool /bin/ && \
    mv /tmp/consoles /usr/share/prometheus/consoles && \
    mv /tmp/console_libraries /usr/share/prometheus/console_libraries

# Adding config file
COPY config/ /etc/prometheus/config

# Adding Alert rule config file
COPY rules/ /etc/prometheus/rules

# Giving access to unpriviliged user to access prometheus configs
RUN ln -s /usr/share/prometheus/consoles /usr/share/prometheus/console_libraries /etc/prometheus/ && \
    mkdir -p /prometheus && \
    chown -R user:user /etc/prometheus && \
    chmod -R a+rwx /prometheus

# Adding custom entrypoint
COPY entrypoint.rb /entrypoint.rb

# Using unprivileged user
USER user

# Expose prometheus port
EXPOSE 9090

# Data volume
VOLUME [ "/prometheus" ]

# Working from data dir
WORKDIR /prometheus

# Set custom entrypoint
ENTRYPOINT [ "/entrypoint.rb" ]

# Override default CMD
CMD [ \
    "--storage.tsdb.path=/prometheus", \
    "--web.console.libraries=/usr/share/prometheus/console_libraries", \
    "--web.console.templates=/usr/share/prometheus/consoles" \
]

有人以前遇到过这个问题或者可以发现潜在问题可能出在哪里吗？