SQL-Server 2019 docker container fails to start with -v option

[ststeiger]

I'm trying to run SQL-Server 2019 in docker in Ubuntu 18.04.

This is how I want it to look:

mkdir -p /var/opt/mssql_2019
docker run -d -p 2019:1433 --name mssql_2019 -e 'MSSQL_SA_PASSWORD=TopSecret123456!abc' -e 'ACCEPT_EULA=Y' -e MSSQL_PID="Developer" -v /var/opt/mssql_2019:/var/opt/mssql -d mcr.microsoft.com/mssql/server:2019-latest

I issue the command, and sql-server exits immediately, not even an entry in the logfile in /var/opt/mssql_2019, hell, not even a file created there.
If I omit
-v /var/opt/mssql_2019:/var/opt/mssql

then it works fine.

Doing exactly the same with sql-server 2017 worked fine.

I run docker logs <containterID> and I get

SQL-Server 2019 will run as non-root by default. 
This container is running as user mssql. 
To learn more, visit...
/opt/mssql/bin/sqlservr: Error: The system directory [/.system] could not be created. Error [13].

I set permisson on /var/opt/mssql_2019 for group mssql to read&write...

Am I doing something wrong here, or is this a bug ?

If this is a permission issue, how can I get the container to run as root ?

If I switch to su mssql, I can create and delete files and folders in /var/opt/mssql_2019 without problems.

Also, if I add user mssql to sudo
adduser mssql sudo
that doesn't help.

It should be noted that the docker file says

RUN useradd -M -s /bin/bash -u 10001 -g 0 mssql
RUN mkdir -p -m 770 /var/opt/mssql && chgrp -R 0 /var/opt/mssql

but on my computer, user mssql already exists as user 999...
Probably added by sql-server 2017...

[ststeiger]

Solved, don't know which one of the following did the trick
Rename the existing mssql user to mssql_2017
Add user mssql, add to group 0
Add permissions to /var/opt/mssql_2019 and /var/opt/mssql.

Maybe it would have sufficed to just chgrp -R 0 /var/opt/mssql_2019

usermod --login mssql_2017 mssql
useradd -M -s /bin/bash -u 10001 -g 0 mssql

chgrp -R 0 /var/opt/mssql
chgrp -R 0 /var/opt/mssql_2019

from dockerfile excerpt in
https://blog.dbi-services.com/using-non-root-sql-server-containers-on-docker-and-k8s/

[ststeiger]

Maybe it either should check if the user already exists, or it should create a separate user for every mssql-version. Don't know if the docker stuff uses the id or the username for permisson.

[SonGokussj4]

mkdir mssql && cd mssql
mkdir data
chown 10001 data
Run container

Had to do this three times now because of permissions.

[mostafa8026]

I have this issue in k8s. :((

 # k logs mssql-57f6f78dbb-4jwwk
SQL Server 2019 will run as non-root by default.
This container is running as user mssql.
To learn more visit https://go.microsoft.com/fwlink/?linkid=2099216.
/opt/mssql/bin/sqlservr: Error: The system directory [/.system] could not be created.  Errno [13]

[mostafa8026]

Problem has been resolve with running this command in the host:
chown 10001:0 [the-path-of-the-mounted-volume]

[emmanuelcaamal]

I had the same problem, I solved it in the following way.

my docker compose was has follows

sqlserver:
    container_name: "sqlserver"
    hostname: "sqlserver"
    image: "mcr.microsoft.com/mssql/server"
    environment: 
        SA_PASSWORD: "<my_password_here>"
        ACCEPT_EULA: "Y"
    ports:
        - 2533:1433
    volumes:
        - /var/lib/docker/volumes/mssql_db/_data:/var/opt/mssql
    expose:
        - 2533

and the change that applies was the following

- /var/lib/docker/volumes/mssql_db/_data:/var/opt/data

finally this worked

[GetoXs]

There are few solution for this problem:

1. Run docker as root.

eg. compose:

version: '3.6'
services:
  mssql:
    image: mcr.microsoft.com/mssql/server:2019-latest
    user: root
    ports:
      - 1433:1433
    environment:
      - ACCEPT_EULA=Y
      - SA_PASSWORD=BLAH
    volumes:
      - ./data:/var/opt/mssql/data

Source: #13 (comment)

2. Setup proper directory owner (mssql)

1. Check id for mssql user on docker image
   sudo docker run -it mcr.microsoft.com/mssql/server id mssql
   gives: uid=10001(mssql) gid=0(root) groups=0(root)
2. Change folder's owner
   sudo chown 10001 VOLUME_DIRECTORY

Source in spanish: https://www.eiximenis.dev/posts/2020-06-26-sql-server-docker-no-se-ejecuta-en-root/

3. Full access (not recommended)

Give full access to db files on host
sudo chmod 777 -R VOLUME_DIRECTORY

[tmtiwari]

I have this issue in k8s. :((

 # k logs mssql-57f6f78dbb-4jwwk
SQL Server 2019 will run as non-root by default.
This container is running as user mssql.
To learn more visit https://go.microsoft.com/fwlink/?linkid=2099216.
/opt/mssql/bin/sqlservr: Error: The system directory [/.system] could not be created.  Errno [13]

And, when I change the mapping to /var/opt/mssql/data I get this :

This container is running as user mssql.
To learn more visit https://go.microsoft.com/fwlink/?linkid=2099216.
2021-01-15 23:50:05.95 Server      Setup step is copying system data file 'C:\templatedata\master.mdf' to '/var/opt/mssql/data/master.mdf'.
2021-01-15 23:50:06.05 Server      ERROR: Setup FAILED copying system data file 'C:\templatedata\master.mdf' to '/var/opt/mssql/data/master.mdf':  2(The system cannot find the file specified.)
ERROR: BootstrapSystemDataDirectories() failure (HRESULT 0x80070002)

Why is an Ubuntu image looking in C: drive for template data?

[IsaackRasmussen]

For Kubernetes: Adding the SecurityContext also works
https://docs.microsoft.com/en-us/sql/linux/tutorial-sql-server-containers-kubernetes?view=sql-server-ver15

[IoTPlay]

What about rather running as another user? I cannot get this to work.

version: '3.6'
services:
  mssql:
    image: mcr.microsoft.com/mssql/server:2019-latest
    user: mylinuxuser   # not as root
    ....

[amvin87-zz]

@IoTPlay only the user mssql is supported to run SQL Server on Linux. See this sample for example: https://github.com/microsoft/mssql-docker/blob/master/linux/preview/SLES/dockerfile

[asadalidev]

Problem has been resolve with running this command in the host:
chown 10001:0 [the-path-of-the-mounted-volume]

it saved my time. Thanks

[alercunha]

In my case this error happened because the OS drive was full. Somehow this error occurred because of that.
Just posting here in case someone is looking for an alternate solution.

[amkuio]

Problem has been resolve with running this command in the host: chown 10001:0 [the-path-of-the-mounted-volume]

Did the trick for me :-)

[wodsonluiz]

My docker compose. Running on Macos with m1 processor ✅

version: "3"
services:

  mssql:
    image: mcr.microsoft.com/azure-sql-edge
    ports:
      - 1433:1433
    environment:
      - ACCEPT_EULA=1
      - MSSQL_PID=Developer
      - MSSQL_USER=SA
      - SA_PASSWORD=mayPassword
    volumes:
      - ./data:/var/opt/mssql/data
    networks:
       - compose-network

networks:
  compose-network:
    driver: bridge

[dieasmaz]

I had the same problem, I solved it in the following way.

my docker compose was has follows

sqlserver:
    container_name: "sqlserver"
    hostname: "sqlserver"
    image: "mcr.microsoft.com/mssql/server"
    environment: 
        SA_PASSWORD: "<my_password_here>"
        ACCEPT_EULA: "Y"
    ports:
        - 2533:1433
    volumes:
        - /var/lib/docker/volumes/mssql_db/_data:/var/opt/mssql
    expose:
        - 2533

and the change that applies was the following

- /var/lib/docker/volumes/mssql_db/_data:/var/opt/data

finally this worked

This works for me!
Thanks...

[okpedro]

I'd recommend anyone facing this issue take a look at the following Microsoft documentation:
https://docs.microsoft.com/en-us/sql/linux/sql-server-linux-docker-container-security?view=sql-server-ver16

Take a look at the "Configure persistent storage permissions for non-root containers" section.

[tsondergaard]

When running with podman on RHEL 9 with selinux enabled, this is what fixed the problem for me:

chcon -t container_file_t /var/opt/mssql

[amirkochak]

In my case this error happened because the OS drive was full. Somehow this error occurred because of that. Just posting here in case someone is looking for an alternate solution.

Resolved the issue for me.

[osnipezzini]

Problem has been resolve with running this command in the host: chown 10001:0 [the-path-of-the-mounted-volume]

This solution fixed for me

[kristianbendren]

For me it helped by setting the user:root

Part of my docker-compose
`version: '3.4'

services:
mssql:
container_name: mssql
image: 'mcr.microsoft.com/mssql/server:2022-latest'
user: root
hostname: mssql
networks:
- proxy
volumes:
- /volume1/docker-data/mssql/data:/var/opt/mssql/data`

[m4ss1m0g]

For Docker Desktop, WSL2 and docker volumes the solution is:

1. run the image with -u 0:0 flag docker run -u 0:0 ..... mcr.microsoft.com/mssql/server:2022-latest
2. enter the container with bash and cd to /var/opt
3. run chown -R 10001:0 mssql
4. remove the container and re-start it without -u 0:0

[ryepup]

I ran into this using docker volumes, and didn't want to run mssql as root. where I can't easily chown.

This is what I ended up with:

version: "3.7"

services:
  mssql:
    image: mcr.microsoft.com/mssql/server:2022-latest
    restart: always # keep trying, fix-perms might fix mssql
    environment:
      ACCEPT_EULA: "Y"
      MSSQL_SA_PASSWORD: "<password>"
    volumes:
      - "mssql-data:/var/opt/mssql/data"

  # mssql has some weird defaults around permissions; fixup the volume to match
  fix-perms:
    image: mcr.microsoft.com/mssql/server:2022-latest
    user: root
    command: chown -R mssql:root /var/opt/mssql
    volumes:
      - "mssql-data:/var/opt/mssql/data"

volumes:
  mssql-data: