Clever Geek Handbook

Keytool error: java.io.FileNotFoundException (Permission denied) when called from docker file

I am trying to install a certificate to a docker image using a dockerfile

ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64

COPY app-module/src/main/resources/certificates/A.crt /etc/ssl/certs/
COPY app-module/src/main/resources/certificates/B.crt /etc/ssl/certs/

RUN $JAVA_HOME/bin/keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -file /etc/ssl/certs/A.crt -alias A
RUN $JAVA_HOME/bin/keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -file /etc/ssl/certs/B.crt -alias B

I am getting the error

keytool error: java.io.FileNotFoundException: /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts (Permission denied)

Other answers I found suggested running said command in root / administrator mode. However, I am running these commands in the Dockerfile. How do I get past this error?

+3


source to share


1 answer


The default docker user is root. I believe it has been configured for a non-root user for security reasons. You need to change to custom root and then revert to what the user has set by your organization.



ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64

COPY app-module/src/main/resources/certificates/A.crt /etc/ssl/certs/
COPY app-module/src/main/resources/certificates/B.crt /etc/ssl/certs/

#change to user root to install certificates
USER root
RUN $JAVA_HOME/bin/keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -file /etc/ssl/certs/A.crt -alias A
RUN $JAVA_HOME/bin/keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -file /etc/ssl/certs/B.crt -alias B

#change to user oldUser to comply with organisation standards
USER oldUser
+2


source






More articles:


All Articles