时间戳

首页 > 解决方案 > 通过 no-sandbox 但仍然出现错误“不支持以 root 身份运行而没有 --no-sandbox。”

docker - 通过 no-sandbox 但仍然出现错误“不支持以 root 身份运行而没有 --no-sandbox。”

问题描述

我能够使用node用户使其工作并使用设置沙箱,--cap-add=SYS_ADMIN但 AWS ECS Fargate 不支持添加SYS_ADMIN为 linux 参数。因此,我试图传递no--sandbox给 puppeteer,以便我可以以 root 身份运行,但仍然收到错误消息Running as root without --no-sandbox is not supported

环境

重现步骤

如果我执行到 Docker 容器并显式运行,node puppeteer.js我不会收到错误消息,但如果我通过 Postman (http://localhost:8081) 向我的容器发出请求,则会收到错误消息。

Dockerfile

FROM node:10.21

RUN apt-get update && \
  apt-get install -y gconf-service libasound2 libatk1.0-0 libc6 \
  libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 \
  libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 \
  libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 \
  libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 \
  libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates \
  fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget


# Create app directory
WORKDIR /usr/src/app

# Bundle app source
COPY . .

# Install app dependencies
RUN npm install

# Tried running as node user 
#USER node

# Provide google authentication credentials to your application code
ENV GOOGLE_APPLICATION_CREDENTIALS=/usr/src/app/google/keys.json

CMD [ "npm", "start" ]

Puppeteer.js

const puppeteer = require('puppeteer');

/**
 * Initializes and returns a puppeteer instance
 * @name {getPuppeteerInstance}
 * @returns {Promise} resolves with puppeteer instance
 */
module.exports = async () => {
  try {
    const options = {
      headless: true,
      args: ['--no-sandbox', '--disable-setuid-sandbox'],
      defaultViewport: {
        width: 1440,
        height: 900,
      },
      timeout: 0,  // 0ms timeout is no timeout 
    };
    const browser = await puppeteer.launch(options);
    const page = await browser.newPage(); ``

    page.setDefaultTimeout(0);
    page.setDefaultNavigationTimeout(0);

    return { browser, page };
  } catch (error) {
    console.log(`error`, error);

    return {};
  }
};

预期的结果是什么? 通过传递,--no-sandbox我希望能够以 root 身份启动 puppeteer,而无需设置没有问题的沙箱。

相反会发生什么?

error Error: Failed to launch chrome!
blackbox-app | [0113/220603.530554:ERROR:zygote_host_impl_linux.cc(89)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180.

标签: dockerpuppeteer

解决方案

推荐阅读