I have try docker-php-ext-install in Dockerfile, but I’ve error when see --progress=plain

Here is my Dockerfile:

FROM php:8.3-fpm

WORKDIR public_html/pukis

RUN apt-get update && apt-get install -y tzdata
ENV TZ=Asia/Jakarta
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

RUN apt-get update && apt-get install -y --no-install-recommends \
        zlib1g-dev libicu-dev g++ \
        xz-utils \
        libjpeg62-turbo-dev \
        libzip-dev \
        libpng-dev \
        libwebp-dev \
        libfreetype6-dev \
        libxml2-dev \
        libc-bin \
        curl \
        git \
        zip \
        unzip \
        yaz \
        libyaz-dev

RUN docker-php-ext-install pdo_mysql mbstring zip exif pcntl

RUN pecl install yaz
RUN docker-php-ext-enable yaz

RUN apt-get clean && rm -rf /var/lib/apt/lists/*

after run docker compose build php-fpm8.3 --progress=plain, I got error this

[ 6/10] RUN docker-php-ext-install pdo_mysql mbstring zip exif pcntl:
0.445 xz: Failed to enable the sandbox
0.445 tar: Child returned status 1
0.445 tar: Error is not recoverable: exiting now

how to solved Failed to enable the sanbox?
Docker version 28.5.1, build e180ab8

Try removing packages from the list and keep only one. Change it to the next until it fails as a first step. Once you knoew which package caused the failure if any, you can try to figure out why.

PS.: I edited your post to use code block instead of quotes. Please, use code blocks for any code, terminal output or logs. More detauls here: How to format your forum posts

I’ve try remove everything and just use

RUN docker-php-ext-install pdo_mysql mbstring zip exif pcntl

but I’ve some error. when I’am using php7.4-fpm is not problem, but in php8.1 or php8.3 problem sanbox

Of course you get the same error for the same line. I recommended removing packages from that line.

I’ve been battling this same problem for about a month and haven’t been able to find a way around it.

The problem is indicated here:

0.445 xz: Failed to enable the sandbox

The problem appears using the PHP 8.4 docker image that is built on Debian-Trixie (php:8.4-fpm). If I move back to 8.4 that is built on Debian-Bookworm (php:8.4-fpm-bookworm), then it passes… but obviously that is not sustainable long-term.

Invoking directly xz against an .xz file confirms that’s where the problem is. I have not found a way that can disable the sandbox for the xz command. Allegedly setting the environment variable as XZ_DEFAULTS="--no-auto-sandbox should disable it, but no luck with this. example:

root@88b5e7a01b30:~# env XZ_DEFAULTS="--no-auto-sandbox" xz --no-auto-sandbox /usr/src/php.tar.xz
xz: Failed to enable the sandbox

So, with all that said, I’m unsure how to disable the sandbox for xz or if there’s a way to tell docker-php-ext-install to pull from a location that has the extensions built using a different compression mechanism.

Is anyone using the PHP image based on Trixie with extensions?

(yes, i’ve tried this against multiple extensions with no change: gd, exit, zip, bcmath, etc – all are compressed with xz, and therefore fail)

Thank you for your comment. I didn’t realize that the error mesage mentioned “xz”. If that is used by the docker-php- scripts and no extension can be installed, I would report it in the repository of the docker image

https://github.com/docker-library/php/issues

The script should work the same way regaredless of which distribution that image was based on, unless documented what else you should do.

found it… “issues” not “issue” !

Thanks. I fixed the link. Now it makes sense why the preview didn’t work when I inserted the link..