We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hi I'm trying to use your nuget, but I get a UnauthorizedAccessException when I start my container. I'm using normal docker (No swarm or kubernetes).
UnauthorizedAccessException
version: "3.8" secrets: chargeampguard__uri: file: ./guard-relay/secrets/chargeampguard_uri.secret chargeampguard__pin: file: ./guard-relay/secrets/chargeampguard_pin.secret services: guard-relay: container_name: guard-relay image: "ghcr.io/anderssonpeter/guardrelay:${GUARDRELAY_VERSION}" environment: - Application__Application=/config/GuardRelay.sqlite - MQTT__Connection__Server=mosquitto secrets: - chargeampguard__uri - chargeampguard__pin volumes: - ./guard-relay/config:/config
Exception:
Unhandled exception. System.UnauthorizedAccessException: Access to the path '/run/secrets/chargeampguard__uri' is denied. ---> System.IO.IOException: Permission denied --- End of inner exception stack trace --- at Interop.ThrowExceptionForIoErrno(ErrorInfo errorInfo, String path, Boolean isDirError) at Microsoft.Win32.SafeHandles.SafeFileHandle.Open(String path, OpenFlags flags, Int32 mode, Boolean failForSymlink, Boolean& wasSymlink, Func`4 createOpenException) at Microsoft.Win32.SafeHandles.SafeFileHandle.Open(String fullPath, FileMode mode, FileAccess access, FileShare share, FileOptions options, Int64 preallocationSize, UnixFileMode openPermissions, Int64& fileLength, UnixFileMode& filePermissions, Boolean failForSymlink, Boolean& wasSymlink, Func`4 createOpenException) at System.IO.Strategies.OSFileStreamStrategy..ctor(String path, FileMode mode, FileAccess access, FileShare share, FileOptions options, Int64 preallocationSize, Nullable`1 unixCreateMode) at System.IO.File.OpenRead(String path) at System.IO.Abstractions.FileWrapper.OpenRead(String path) at Mcrio.Configuration.Provider.Docker.Secrets.DockerSecretsConfigurationProvider.ProcessFile(String secretFilePath) at Mcrio.Configuration.Provider.Docker.Secrets.DockerSecretsConfigurationProvider.Load() at Microsoft.Extensions.Configuration.ConfigurationManager.AddSource(IConfigurationSource source) at Microsoft.Extensions.Configuration.ConfigurationManager.ConfigurationSources.Add(IConfigurationSource source) at Microsoft.Extensions.Configuration.ConfigurationManager.Microsoft.Extensions.Configuration.IConfigurationBuilder.Add(IConfigurationSource source) at Mcrio.Configuration.Provider.Docker.Secrets.DockerSecretsConfigurationExtension.AddDockerSecrets(IConfigurationBuilder configurationBuilder, String secretsDirectoryPath, String colonPlaceholder, ICollection`1 allowedPrefixes) at Program.<Main>$(String[] args) in /src/GuardRelay/Program.cs:line 16 at Program.<Main>(String[] args)
Do you have any idea why?
The text was updated successfully, but these errors were encountered:
After some tinkering I managed to exec into my container, if I run ls -lah inside the /run/secrets directory I get the following:
ls -lah
/run/secrets
total 24K drwxr-xr-x 2 root root 4.0K Jan 8 20:11 . drwxr-xr-x 1 root root 4.0K Jan 8 20:11 .. -r--rwx---+ 1 root root 8 Jan 8 19:17 chargeampguard__pin -r--rwx---+ 1 root root 22 Jan 8 19:17 chargeampguard__uri
if I run whoami inside the container I get app guessing that user does not have read permission on the secrets.
whoami
app
Sorry, something went wrong.
After I gave the app user access to the file on the host it worked as expected
No branches or pull requests
Hi I'm trying to use your nuget, but I get a
UnauthorizedAccessException
when I start my container.I'm using normal docker (No swarm or kubernetes).
Exception:
Do you have any idea why?
The text was updated successfully, but these errors were encountered: