Error running systemctl to start service in Amazon Linux 2

Question

I am trying to build a simple Apache/PHP server using the Amazon Linux 2 image. I have the following:

Dockerfile

FROM amazonlinux:2

RUN amazon-linux-extras install epel -y &&\
    amazon-linux-extras install php7.4 -y &&\
    yum update -y &&\
    yum install httpd -y

COPY --chown=root:root docker/script/startup /startup

ENTRYPOINT /startup

startup

#!/usr/bin/env bash

mkdir -p /run/dbus              # Added this based on other SO question
dbus-daemon --system            # Added this based on other SO question

systemctl enable dbus           # Added this based on other SO question
systemctl start dbus            # Added this based on other SO question
systemctl status dbus           # Added this based on other SO question

systemctl enable httpd
systemctl start httpd
systemctl status httpd

/bin/bash

docker-compose.yml

web:
  build: .
  container_name: "${APP_NAME}-app"
  environment:
    VIRTUAL_HOST: "${WEB_HOST}"
  env_file:
    - ./.env-local
  working_dir: "/${APP_NAME}/app"
  restart: "no"
  privileged: true              # Added this based on other SO question
  volumes:
    - "./app:/${APP_NAME}/app:ro"
    - ./docker:/docker
    - "./conf:/${APP_NAME}/conf:ro"
    - "./vendor:/${APP_NAME}/vendor:ro"
    - "./conf:/var/www/conf:ro"
    - "./web:/var/www/html/"
  depends_on:
    - composer

I run this with the following command:

docker run -it web bash

And this is what it gives me:

Failed to get D-Bus connection: Operation not permitted
Failed to get D-Bus connection: Operation not permitted
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service, pointing to /usr/lib/systemd/system/httpd.service.
Failed to get D-Bus connection: Operation not permitted
Failed to get D-Bus connection: Operation not permitted

I don't understand why I'm getting this or how to resolve?

Answer 1

Suggesting to avoid systemd service units in a docker image.

Instead use cronttab script with @boot directive/selector.

In addition dbus is centrally managed by kernel and not allowed at container level. If Docker service is up then you probably have dbus active and running.

You can add capabilities to the root user running in the container. Read more here.

As last resort try to disable SELinux in your docker image.

Answer 2

I was running into the same issue trying to run systemctl from within the Amazon Linux 2 docker image

Dockerfile:

FROM amazonlinux:latest

# update and install httpd 2.4.53, php 7.4.28 with php extensions
RUN yum update -y; yum clean all
RUN yum install -y httpd amazon-linux-extras
RUN amazon-linux-extras enable php7.4
RUN yum clean metadata
RUN yum install -y php php-{pear,cli,cgi,common,curl,mbstring,gd,mysqlnd,gettext,bcmath,json,xml,fpm,intl,zip}

# update website files
WORKDIR /var/www/html
COPY phpinfo.php /var/www/html
RUN chown -R apache:apache /var/www
CMD ["/usr/sbin/httpd","-DFOREGROUND"]

EXPOSE 80
EXPOSE 443

$ docker build -t azl1 $ docker run -d -p 8080:80 --name azl1_web azl1

pointing a browser to the IP:8080/phpinfo.php brought up the normal phpinfo page as expected pointing to a successful php 7.4.28 installation.