Keytool error: java.io.FileNotFoundException (Permission denied) when called from docker file
I am trying to install a certificate to a docker image using a dockerfile
ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64
COPY app-module/src/main/resources/certificates/A.crt /etc/ssl/certs/
COPY app-module/src/main/resources/certificates/B.crt /etc/ssl/certs/
RUN $JAVA_HOME/bin/keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -file /etc/ssl/certs/A.crt -alias A
RUN $JAVA_HOME/bin/keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -file /etc/ssl/certs/B.crt -alias B
I am getting the error
keytool error: java.io.FileNotFoundException: /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts (Permission denied)
Other answers I found suggested running said command in root / administrator mode. However, I am running these commands in the Dockerfile. How do I get past this error?
+3
source to share
1 answer
The default docker user is root. I believe it has been configured for a non-root user for security reasons. You need to change to custom root and then revert to what the user has set by your organization.
ENV JAVA_HOME /usr/lib/jvm/java-8-openjdk-amd64
COPY app-module/src/main/resources/certificates/A.crt /etc/ssl/certs/
COPY app-module/src/main/resources/certificates/B.crt /etc/ssl/certs/
#change to user root to install certificates
USER root
RUN $JAVA_HOME/bin/keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -file /etc/ssl/certs/A.crt -alias A
RUN $JAVA_HOME/bin/keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -file /etc/ssl/certs/B.crt -alias B
#change to user oldUser to comply with organisation standards
USER oldUser
+2
source to share