Mount: permission denied (are you root?) while using docker-in-docker workflow with Docker executor

kaushalshriyan · May 24, 2020, 7:31pm

Hi,

I am referring to Use Docker to build Docker images | GitLab to use docker-in-docker workflow with Docker executor. When I execute the pipeline, I am encountering the below issue

2020-05-23T05:48:17.105408575Z .++++
2020-05-23T05:48:17.105956361Z e is 65537 (0x010001)
2020-05-23T05:48:17.143463623Z Signature ok
2020-05-23T05:48:17.143507078Z subject=CN = docker:dind server
2020-05-23T05:48:17.143677083Z Getting CA Private Key
2020-05-23T05:48:17.157238138Z /certs/server/cert.pem: OK
2020-05-23T05:48:17.161977474Z Generating RSA private key, 4096 bit long modulus (2 primes)
2020-05-23T05:48:17.246030617Z ..................++++
2020-05-23T05:48:17.284894101Z .......++++
2020-05-23T05:48:17.284947790Z e is 65537 (0x010001)
2020-05-23T05:48:17.311669237Z Signature ok
2020-05-23T05:48:17.311705543Z subject=CN = docker:dind client
2020-05-23T05:48:17.311712394Z Getting CA Private Key
2020-05-23T05:48:17.337957567Z /certs/client/cert.pem: OK
2020-05-23T05:48:17.346384315Z mount: permission denied (are you root?)
2020-05-23T05:48:17.346794302Z Could not mount /sys/kernel/security.
2020-05-23T05:48:17.346820929Z AppArmor detection and --privileged mode might break.
2020-05-23T05:48:17.349476873Z mount: permission denied (are you root?)

cat /etc/gitlab-runner/config.toml

[[runners]]
name = “atreusdind”
url = “https://gitlab.example.com/”
token = “9kuyYJtz-81gBHDazjv4”
executor = “docker”
[runners.custom_build_dir]
[runners.docker]
tls_verify = false
image = “docker:19.03.9”
privileged = true
disable_entrypoint_overwrite = false
oom_kill_disable = false
disable_cache = false
volumes = [“/var/run/docker.sock:/var/run/docker.sock”, “/cache”]
shm_size = 0
[runners.cache]
[runners.cache.s3]
[runners.cache.gcs]
[runners.custom]
run_exec = “”

GitLab version

System information
System:
Current User: git
Using RVM: no
Ruby Version: 2.6.6p146
Gem Version: 2.7.10
Bundler Version:1.17.3
Rake Version: 12.3.3
Redis Version: 5.0.9
Git Version: 2.26.2
Sidekiq Version:5.2.7
Go Version: unknown

GitLab information
Version: 13.0.0
Revision: 6743e883eae
Directory: /opt/gitlab/embedded/service/gitlab-rails
DB Adapter: PostgreSQL
DB Version: 11.7
URL: https://gitlab.example.com
HTTP Clone URL: https://gitlab.example.com/some-group/some-project.git
SSH Clone URL: git@gitlab.example.com:some-group/some-project.git
Using LDAP: no
Using Omniauth: yes
Omniauth Providers:

GitLab Shell
Version: 13.2.0
Repository storage paths:

default: /var/opt/gitlab/git-data/repositories
GitLab Shell path: /opt/gitlab/embedded/service/gitlab-shell
Git: /opt/gitlab/embedded/bin/git

Any clue regarding the above mount: permission denied (are you root?). Thanks in advance and i look forward to hearing from you.

Best Regards,

Kaushal

kaushalshriyan · May 25, 2020, 4:55pm

Hi,

Checking in again if someone can pitch in for my earlier post to this forum. Thanks in advance and I look forward to hearing from you.

Best Regards,

Kaushal

webmutation · May 26, 2020, 12:12pm

Usually you get this error if the docker image you are using has a non root user as default. since your runner is already privileged, check the source (dockerfile) of the build image.

Resister · January 15, 2021, 5:37pm

@kaushalshriyan. I am getting the same error by following the docs Did you ever solve it? Are you running multiple runners in the same config?

@webmutation this is a docker in docker problem. The image giving this error docker image within docker.

webmutation · January 15, 2021, 6:10pm

Check the dockerfile code. Usually it is the problem. User settings.

You can fix the user and groups. If its not your image, then you need to change it.