Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-37069

Permission denied on durable task directory when using docker.image.inside step on fresh install of jenkins


    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • docker-workflow-plugin

      [Maybe related to issues JENKINS-28821, JENKINS-33632 and JENKINS-36842]


      I am trying to stablish a new CI environment with jobs running on docker but I am running into permission issues. I tried to create a minimal reproducible scenario without slave machines.

      Looking at some of the related issues, I wonder whether I was supposed to configure permissions or group membership for the jenkins user on the container (instead of just using the image as is), but I assume that is not the case.

      Starting on a clean Centos 7 vm, I installed jenkins 2.7.1 and docker, and then added the jenkins user to the docker group (ansible playbook follows). Then I only installed "Pipeline" and "CloudBees Docker Pipeline" plugins and its dependencies. Everything is updated as of today. Then I created a single pipeline job:

      node {
         docker.image('centos:7').inside {
            sh 'pwd'

      This job fails with permission issues:

      Started by user admin
      [Pipeline] node
      Running on master in /var/lib/jenkins/workspace/container-test
      [Pipeline] {
      [Pipeline] sh
      [container-test] Running shell script
      + docker inspect -f . centos:7
      [Pipeline] withDockerContainer
      $ docker run -t -d -u 992:989 -w /var/lib/jenkins/workspace/container-test -v /var/lib/jenkins/workspace/container-test:/var/lib/jenkins/workspace/container-test:rw -v /var/lib/jenkins/workspace/container-test@tmp:/var/lib/jenkins/workspace/container-test@tmp:rw -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** centos:7 cat
      [Pipeline] {
      [container-test] Running shell script
      [Pipeline] sh
      sh: /var/lib/jenkins/workspace/container-test@tmp/durable-890dccc6/pid: Permission denied
      sh: /var/lib/jenkins/workspace/container-test@tmp/durable-890dccc6/jenkins-log.txt: Permission denied
      sh: /var/lib/jenkins/workspace/container-test@tmp/durable-890dccc6/jenkins-result.txt: Permission denied
      [Pipeline] }
      $ docker stop c71c65555ff53a1bd87db33a9d240c6eb4ae14d9c61a0a0a348c7f72f82b7a50
      $ docker rm -f c71c65555ff53a1bd87db33a9d240c6eb4ae14d9c61a0a0a348c7f72f82b7a50
      [Pipeline] // withDockerContainer
      [Pipeline] }
      [Pipeline] // node
      [Pipeline] End of Pipeline
      ERROR: script returned exit code -2
      Finished: FAILURE

      Tools were installed using the following ansible recipe:

      - hosts: jenkins-minimal
        - yum: name={{ item }} state=installed
            - libselinux-python
            - dejavu-sans-fonts
            - fontconfig
            - java-1.8.0-openjdk-headless
            - docker
        - yum_repository:
            name: jenkins
            description: 'Jenkins-stable'
            baseurl: http://pkg.jenkins.io/redhat-stable
            gpgkey: http://pkg.jenkins.io/redhat-stable/jenkins.io.key
        - yum: name=jenkins state=installed
        - group: name=docker
        - user: name=jenkins groups=docker
        - firewalld: port=8080/tcp state=enabled permanent=true immediate=yes
        - service: name={{ item }} state=started enabled=yes
            - jenkins
            - docker

            Unassigned Unassigned
            seuvitor Vitor Dantas
            1 Vote for this issue
            9 Start watching this issue