www-dataユーザーを使用してDockerでcron-serviceを起動しようとすると、「starting periodic command Scheduler:cronseteuid:Operation not allowed failed!」というメッセージが表示されます。
以下はDockerfileです。
FROM php:8.2.12-fpm@sha256:2aa938b6d62f7415e9c84d867d9ceed18ef8ec3cf3944d389e088c93f9678a84 as base
# Set environment variables
ENV DOC_ROOT /var/www/html
ENV COMPOSER_HOME=/tmp/composer
# Install required packages
RUN apt-get update && apt-get install -y --no-install-recommends \
gnupg \
netcat-openbsd \
supervisor \
openssl \
nginx \
wget \
telnet \
traceroute \
net-tools \
ca-certificates \
sudo \
libicu-dev \
libfreetype6-dev \
libjpeg-dev \
libpng-dev \
libsodium-dev \
libxml2-dev \
libxslt-dev \
libzip-dev \
rsync \
unzip \
cron \
default-mysql-client \
git \
gnupg \
gzip \
libbz2-dev \
libjpeg62-turbo-dev \
libmagickwand-dev \
libmcrypt-dev \
libonig-dev \
libsodium-dev \
libssh2-1-dev \
libwebp-dev \
libxslt1-dev \
lsof \
mailutils \
msmtp \
procps \
vim \
zip \
&& rm -rf /var/lib/apt/lists/*
# Install APCu and other PHP extensions
RUN pecl install apcu-5.1.22 \
&& docker-php-ext-configure \
gd --with-freetype --with-jpeg --with-webp \
&& docker-php-ext-install \
bcmath \
bz2 \
calendar \
exif \
gd \
gettext \
intl \
mbstring \
mysqli \
opcache \
pcntl \
pdo_mysql \
soap \
sockets \
sodium \
sysvmsg \
sysvsem \
sysvshm \
xsl \
zip
# Create necessary directories and set permissions
RUN mkdir -p /var/run \
&& chown -R www-data:www-data /var/run \
&& mkdir -p /var/lib/nginx/{body,fastcgi} \
&& chown -R www-data:www-data /var/lib/nginx \
&& touch /var/run/crond.pid \
&& chown www-data:www-data /var/run/crond.pid \
&& touch /run/nginx.pid \
&& chown www-data:www-data /run/nginx.pid \
&& chown www-data:www-data /var/log/nginx/error.log \
&& chown www-data:www-data /var/log/nginx/access.log
# Copy cronjob configuration and set permissions
COPY magento /etc/cron.d/cronjob
RUN chown www-data:www-data /etc/cron.d/cronjob \
&& chmod 0644 /etc/cron.d/cronjob
# Set up cron logging
RUN touch /var/log/cron.log \
&& chown www-data:www-data /var/log/cron.log
# Set root password
RUN echo 'root:Login#22' | chpasswd
# Install Xdebug
RUN pecl install xdebug \
&& docker-php-ext-enable xdebug
# Set PHP configuration
RUN echo "memory_limit=1G" >> /usr/local/etc/php/conf.d/zz-memory-limit-php.ini \
&& echo "apc.enable=1" >> /usr/local/etc/php/conf.d/zz-apcu.ini \
&& echo "apc.enable_cli=1" >> /usr/local/etc/php/conf.d/zz-apcu.ini \
&& echo "opcache.memory_consumption=512MB" >> /usr/local/etc/php/conf.d/zz-opcache.conf \
&& echo "opcache.max_accelerated_files=60000" >> /usr/local/etc/php/conf.d/zz-opcache.conf \
&& echo "opcache.consistency_checks=0" >> /usr/local/etc/php/conf.d/zz-opcache.conf \
&& echo "opcache.validate_timestamps=0" >> /usr/local/etc/php/conf.d/zz-opcache.conf \
&& echo "opcache.enable_cli=1" >> /usr/local/etc/php/conf.d/zz-opcache.conf
FROM base as build
# Install and configure supervisord
COPY etc/nginx /etc/nginx
COPY etc/supervisord.conf /etc/supervisor/supervisord.conf
RUN mkdir -p /var/log/supervisor \
&& chown www-data:www-data /var/log/supervisor
# Switch to www-data user
USER www-data
WORKDIR /var/www/html
# Copy Magento application files and entrypoint script
COPY --from=composer:2.2 /usr/bin/composer /usr/bin/composer
COPY --chown=www-data magentoapps/magento .
COPY --chown=www-data bin bin
COPY bin/entrypoint.sh /usr/local/bin/docker-php-entrypoint
# Create temporary directory
RUN mkdir /tmp/app
# Install dependencies and set up Magento application
RUN composer install \
&& bin/magento sampledata:deploy \
&& bin/magento module:enable --all \
&& cp -r app /tmp/app
# Expose port 8080
EXPOSE 8080
# Set Magento mode to developer
ENV MAGE_MODE=developer
以下は監督文書です。
[unix_http_server]
file=/tmp/supervisor.sock
chmod=0700
[supervisord]
nodaemon=true
user=www-data
loglevel=info
logfile=/tmp/supervisord.log
pidfile=/tmp/supervisord.pid
[rpcinterface:supervisor]
supervisor.rpcinterface_factory=supervisor.rpcinterface:make_main_rpcinterface
[supervisorctl]
serverurl=unix:///tmp/supervisor.sock
[program:php-fpm]
command=php-fpm -F
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autorestart=false
startretries=0
redirect_stderr=true
[program:nginx]
command=nginx -g 'daemon off;'
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autorestart=false
startretries=0
[program:cron]
command=/usr/sbin/cron -f
stdout_logfile=/dev/stdout
stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0
autorestart=false
startretries=0
コマンドを手動で実行しようとすると失敗しますが、rootとして実行されます。
/usr/sbin/cron.dのフルアクセス権を設定してみてください。
コマンドを手動で実行しようとすると失敗しますが、rootとして実行されます。
/usr/sbin/cron.dのフルアクセス権を設定してみてください。