Unable to install using apt-get permission denied in /usr/bin

Hello everyone. I have a problem: I can’t install dos2unix inside a container.


FROM postgis/postgis:13-3.3
USER root
RUN apt-get update && apt-get install dos2unix && apt-get clean

It tries to install it,

 => CACHED [uncrosstab-abm-results 1/2] FROM docker.io/postgis/postgis:13-3.3    0.0s
 => [uncrosstab-abm-results 2/2] RUN apt-get update && apt-get install dos2unix && apt-get clean

But runs into a permissions error in /usr/bin:

#0 49.20 dpkg: error processing archive /var/cache/apt/archives/dos2unix_7.4.1-1_amd64.deb (--unpack):
#0 49.20  unable to create '/usr/bin/dos2unix.dpkg-new' (while processing './usr/bin/dos2unix'): Permission denied
#0 49.20 dpkg: error while cleaning up:
#0 49.20  unable to remove newly-extracted version of '/usr/bin/dos2unix': Permission denied

I do have my docker engine installed on an external drive. Could it be one of the weird MacOS extended permissions model things? But this /usr/bin directory is inside the container, not outside the container, so I doubt that’s the problem.

Any other clues as to what I should try? I’m exploring on some Windows hosts, to see if it’s only a MacOS Docker problem. I have reinstalled Docker latest version (engine v24.0.2, desktop 4.20.1 (110738), compose v2.18.1). I tried docker system prune -f too, but it didn’t seem to help — just nuked a bunch of stuff so I had to reinstall.


Strange. Can you install anything inside a container or just start a container and create a file somewhere? For example I would try to write /tmp/test.txt, then /usr/bin/test.sh

If it is caused by the external drive, then maybe the virtual machine disk image is not writable, so it can't be changed even from inside the virtual machine of Docker Desktop, but then you would probably not be able to start a container either.

Thanks for the testing idea. Yes, with docker run -it <container> bash I can touch and edit a file inside the container, inside of /tmp and also inside of /usr/bin/

I wonder why apt-get can’t?

I’m not sure, but I could build your shared Dockerfile on my Mac so the problem is probably not with the Docker image or apt in it.

Thanks. Much appreciated. I think I fixed it. I deleted my entire folder of docker stuff (where it stores everything, which I had relocated to an external drive) and reinstalled Docker and then it was starting from scratch. Notably, using the normal uninstall procedure didn’t delete all that container data.

Now it seems to be working, but the new containers are showing up back in ~/Library/Containers/com.docker.docker. I’ll keep them there until my hard drive fills up again and then deal with relocating them.