Set of errors when running a docker container

by

I have been asked to make a couple tweaks to a legacy PHP project that runs inside a docker container. In order to make those tweaks, I am trying to get a local working copy of the app and associated container running.

The docker container runs Alpine linux. I try to go to my index page and the browser just spins forever, with the following repetitive log output looping for as long as the request is active:

php-fpm_1 | [25-Apr-2018 17:35:54] ERROR: failed to
ptrace(ATTACH) child 25: Operation not permitted (1) php-fpm_1
| [25-Apr-2018 17:35:54] WARNING: [pool www] child 25, script
‘/usr/src/app/web/app_dev.php’ (request: “GET /app_dev.php”) executing
too slow (2.455295 sec), logging php-fpm_1 | 172.23.0.3 –
25/Apr/2018:17:35:50 +0200 “GET /app_dev.php” 404 php-fpm_1 |
[25-Apr-2018 17:35:55] ERROR: failed to ptrace(ATTACH) child 24:
Operation not permitted (1) php-fpm_1 | [25-Apr-2018 17:35:55]
WARNING: [pool www] child 24, script ‘/usr/src/app/web/app_dev.php’
(request: “GET /app_dev.php”) executing too slow (2.423747 sec),
logging php-fpm_1 | 172.23.0.3 – 25/Apr/2018:17:35:49 +0200
“GET /app_dev.php” 404

… etc …

I found a different serverfault post that recommended manually running audit2allow — a utility I have never used — in order to fix a similar issue. But Alpine linux does not come with that utility, nor is the APK package manager present in my container. Before I go through the considerable work of installing those utilities, I want to know:

Is audit2allow even the way to go with this, or is there another likely solution?

=====

Edit: As Gerald commented, the audit2allow tool is part of selinux, which is not present in this copy of Alpine. So there must be a different way around this bug.

Answer

It turned out that this was an app problem rather than an environment problem. I needed to symlink a folder full of static assets. 

make assets-update

… which in turn wraps:

app/console bazinga:js-translation:dump
app/console assets:install
app/console assetic:dump
@if [ ! -h web/storage ]; then \
    ln --symbolic ../data/storage web/storage; \

Once I did that, the issue went away.

Attribution
Source : Link , Question Author : Patrick , Answer Author : Patrick

Leave a Comment