前几天在工作中跑一个docker容器的时候,遇到了系统提示write /proc/self/attr/keycreate: permission denied
的问题,具体如下:
root@vm021:~# docker run --detach \
> -p 19001:8080 \
> -v /data/label/manager/job/jobs:/data/applogs \
> --name xxl-job-admin \
> --env PARAMS="--spring.datasource.url=jdbc:mysql://192.168.1.131:3006/xxl_job?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&serverTimezone=Asia/Shanghai --spring.datasource.username=root --spring.datasource.password=123456" \
> xuxueli/xxl-job-admin:2.3.0
600869aa99e4fee7a33505e88b44218480bfaa4778225d636a801d2da5dc7f82
docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"write /proc/self/attr/keycreate: permission denied\"": unknown.
root@vm021:~#
经过排查,发现出现这个问题,主要是由于/etc/selinux/config中的SELINUX=enforcing
引起的,这个时候,只要将其修改为SELINUX=enforcing
即可。如果用命令来修改,命令如下所示:
sed -i s/SELINUX=enforcing/SELINUX=disabled/g /etc/selinux/config
修改完成后,重启主机即可永久生效。