Search code examples
google-cloud-platformgoogle-container-os

Cannot run executable shell script on Google Container-Optimized OS


On any other linux distro, I can create a file with a shebang and run shell scripts like so:

$ chmod +x test.sh
$ ./test.sh Johnny
hello Johnny

But on Google Cloud Platform Container-Optimized OS, I get -bash: ./test.sh: Permission denied

If I prefix with sh e.g. sh test.sh Johnny it will work. How can I get this to work normally?

$ cat test.sh
#!/usr/bin/env sh

echo "Hello $@"

matt@rancher-4mmm /tmp/matt $ chmod +x test.sh 
matt@rancher-4mmm /tmp/matt $ sh ./test.sh matt
Hello matt

matt@rancher-4mmm /tmp/matt $ ./test.sh matt
-bash: ./test.sh: Permission denied
matt@rancher-4mmm /tmp/matt $ ls -la
total 4
drwxr-xr-x  2 matt matt  60 Feb 28 20:00 .
drwxrwxrwt 14 root root 280 Feb 28 19:59 ..
-rwxr-xr-x  1 matt matt  35 Feb 28 20:00 test.sh

Solution

  • Most filesystems on a COS node are mounted with "noexec" flag so you can't execute binaries from them.

    Some workarounds:

    • For scripts, invoke the interpreter with the script as the argument, "bash /path/script.sh", "python /path/app.py"
    • Mount an extra data disk under /mnt/disks. You can mount it without the "noexec" flag. Use startup-script to mount at boot.