-
-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Permission denied on alpine #6
Comments
One more indicator that might help: The file does get created and it looks to me as if it has the correct permissions: /var/lib/codapi # while true; do ls -l /tmp/* | grep codapi; done
# This prints nothing until a request arrives an then lots of the following line
-r--r--r-- 1 codapi docker 10 Jan 15 22:48 main.sh
# ...
One thing I don't understand is the discrepancy between the id of the /var/lib/codapi # doas -u codapi docker run --rm --name sh_run_68222003 --runtime runc --cpus 1 --memory 64m --network none --pids-limit 64 --user sandbox --read-only --volume /tmp/foo:/sandbox:ro --cap-d
rop all --ulimit nofile=96 codapi/alpine sh -c "ls -l /"
total 56
drwxr-xr-x 2 root root 4096 Nov 30 09:32 bin
drwxr-xr-x 5 root root 320 Jan 15 22:13 dev
drwxr-xr-x 18 root root 4096 Jan 15 22:13 etc
drwxr-xr-x 2 root root 4096 Nov 30 09:32 home
drwxr-xr-x 7 root root 4096 Nov 30 09:32 lib
drwxr-xr-x 5 root root 4096 Nov 30 09:32 media
drwxr-xr-x 2 root root 4096 Nov 30 09:32 mnt
drwxr-xr-x 2 root root 4096 Nov 30 09:32 opt
dr-xr-xr-x 148 root root 0 Jan 15 22:13 proc
drwx------ 2 root root 4096 Nov 30 09:32 root
drwxr-xr-x 2 root root 4096 Nov 30 09:32 run
drwx------ 2 1001 sandbox 60 Jan 15 21:53 sandbox
drwxr-xr-x 2 root root 4096 Nov 30 09:32 sbin
drwxr-xr-x 2 root root 4096 Nov 30 09:32 srv
dr-xr-xr-x 13 root root 0 Jan 15 22:13 sys
drwxrwxrwt 2 root root 4096 Nov 30 09:32 tmp
drwxr-xr-x 7 root root 4096 Nov 30 09:32 usr
drwxr-xr-x 12 root root 4096 Nov 30 09:32 var
/var/lib/codapi # doas -u codapi docker run --rm --name sh_run_68222003 --runtime runc --cpus 1 --memory 64m --network none --pids-limit 64 --user sandbox --read-only --volume /tmp/foo:/sandbox:ro --cap-d
rop all --ulimit nofile=96 codapi/alpine sh -c "id -u"
1000 |
https://git.tigger.cloud/public/codapi-setup-alpine - this link requires authorization. |
Cloning in `/public` works without authentication. I haven't gotten around to building an unauthenticated section of the web UI 😉
|
If you'd like, I can mirror the repo on GitHub. |
No, it's fine, thank you. Now I need some time to investigate, probably be back tomorrow. |
Fixed in 0.7.0, please try the new codapi binary. |
Indeed! Thank you very much for the fast response 😄 Please feel free to close this. |
Great! Thanks for reporting the issue. |
I was trying to get the self-hosted server running Alpine 3.19 to work but ran into problems when accessing the temporary files from the docker image:
The logs look similar:
The folder
/tmp
has the usual permissions.I've documented my setup [here][1]. Is there something I've misconfigured?
Thanks for your help in advance!
The text was updated successfully, but these errors were encountered: