Comments - mariadb image not exiting smoothly with docker rootless

3 weeks ago Daniel Black

This is really weird:

docker-entrypoint.sh: line 149: kill: (109) - Permission denied

The 109 is the process of the temporary server started which is in the logs. There hasn't been any change in user. So it's effectively the entry-point running a background mysqld process and then not being able to kill the same process.

Evidently the docker root mode doesn't hit this "Permission denied".

Look at upgrading your OS and docker version. Something seems incompatible there though I can't pinpoint what it might be.

 
3 weeks ago Stefan Krüger

Thanks, Daniel, for your reply!

Yeah - I think I once also tried to

docker exec -ti test-db bash

and tried to kill the process - but got the same permission denied. Such *not possible to kill* scenarios can also come from some sort of I/O problem: the process is in a *read or write* operation that the kernel cannot stop. I had this on my development laptop a long time ago with a very experimental setup.

My OS and Docker are - I think - up to date:

Operating System: Kubuntu 24.04
KDE Plasma Version: 5.27.11
KDE Frameworks Version: 5.115.0
Qt Version: 5.15.13
Kernel Version: 6.8.0-35-generic (64-bit)
Graphics Platform: X11
Processors: 16 × Intel® Core™ i9-9980HK CPU @ 2.40GHz
Memory: 31,2 GiB of RAM
Graphics Processor: Mesa Intel® UHD Graphics 630
Manufacturer: ASUSTeK COMPUTER INC.
Product Name: ZenBook Pro Duo UX581GV_UX581GV
System Version: 1.0
$ docker version
Client: Docker Engine - Community
 Version:           26.1.3
 API version:       1.45
 Go version:        go1.21.10
 Git commit:        b72abbb
 Built:             Thu May 16 08:33:27 2024
 OS/Arch:           linux/amd64
 Context:           rootless

Server: Docker Engine - Community
 Engine:
  Version:          26.1.3
  API version:      1.45 (minimum version 1.24)
  Go version:       go1.21.10
  Git commit:       8e96db1
  Built:            Thu May 16 08:33:27 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.32
  GitCommit:        8b3b7ca2e5ce38e8f31a34f35b2b68ceb8470d89
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
 rootlesskit:
  Version:          2.0.2
  ApiVersion:       1.1.1
  NetworkDriver:    slirp4netns
  PortDriver:       builtin
  StateDir:         /run/user/1000/dockerd-rootless
 slirp4netns:
  Version:          1.2.1
  GitCommit:        09e31e92fa3d2a1d3ca261adaeb012c8d75a8194

As already posted - with the 11.4 image it does work.

I am with you - it is really odd. Maybe it has something to do with *root* creating the volume and therefore the directories and files - and somehow this root is different when rootless is in play...?! For now I'll just try to use the current LTS version.

 
3 weeks ago Daniel Black

The following might be able to kill, and this more closely maps the user that does it in the entrypoint.

docker exec --user mysql -ti test-db bash

There are uid maps; the only root (or faked root) priv required is the changing of file permissions/ownership.

I'm even looking at making these non-fatal - https://github.com/MariaDB/mariadb-docker/pull/595 - but this would have shown up differently in your logs.

Glad the 11.4 container is fine.

 