Permission in Vscode - Docker template
Hello,
I can run
sudo mkdir test to create dir, but not without sudo, did I do something wrong?
29 Replies
<#1276045862417600534>
Category
Help needed
Product
code-server
Platform
Linux
Logs
Please post any relevant logs/error messages.
hello
it seems that you are not creating the home directory for the user
This issue is kindda weird, but I believe because I mount a dir that non-root owned caused this issue
Not really coder fault, I'll check it when I'm back home
let me know
hey @ÙwÚ -- any luck?
Sorry still out of town, I'll give you a ping when I'm back if you dont mind:)
alright, no worries, just wanted to make sure!
hello just come back
ok so turn out my old template, which I mount ~/repo (I own this dir, not root), was editable before, now it's not, so I may need some help find out how do I fix that
@Phorcys what should I provide here? I think the content is pretty much similar to what I posted above
@ÙwÚ some of us are at Open Source Summit EU atm so the answers will likely be delayed a bit
i'll come back to you next week if no one has answered your questions
oh nah all good, i dont mind the wait, I can just mount one of dir root owned for now
could you send your template over?
this is within Coder right
ye happened in coder
you meant the main.tf right ?
note:
/media/ser3_decoyer/TOSHIBA/ is a root owned
/home/ser3_decoyer/repo/ is owned by ser3_decoyer
yes!
could you run the following commands and send their output?
-
id
- stat /home/Decoyerplease dont worry about
Decoyer/wibu, just the name different but they should have the same template config
does
mkdir /home/wibu/something work?
also, could you send the output of cat /etc/passwd | grep coder?
also, are wibu/Decoyer users that exist within the Coder workspace?let decide on 1 user for now, im logging as
wibu user
Decoyer was my previous workspace, I stopped it tho
anyways, here's mkdir return
hmm ok from the output ig wibu user doesnt exist ?alright so @ÙwÚ, the issue is related to permissions
in your case, the directory being mounted to
/home/wibu is owned by root, and rwx r-x r-x permissions (owner, group, other)
your coder user is not the owner or the group, so it falls in the "other" category of the permissions on that folder, and since it only has read and execute permissions, it can't create any files or foldersok im guessing it related to my dockerfile ?
the issue in your case is that the
coder user should not exist in the first place and be replaced by the username at image build timeim pulling it up
basically, when mounting the folder to
/home/<user> Docker sees that the directory doesn't exist and creates it with some default permissions
the way to fix this is to create the directory with the appropriate permissions before Docker mounts it, so the fix is to create the userI do have some basics with permissions, but not much with docker
so the problem was because I have USER=coder ? this is the docker file created with coder cli, so im not sure how it got there
well no
the problem is rather that the argument you are passing to the Docker image in your template to replace
coder by the user's name is not taking effect
either live with coder or try to find the root cause basically@Phorcys
ok I think I found the root cause, I remember now, I wanted to use a pre-built image when create container
then I used
docker build to create image colab-env-cpp b4 hand
docker build ./build -t colab-env-cpp
however this seems like not a proper way to use a pre-built image
how would you guys do it ?so the usual way would be to use CI/CD to build the image and then push to a registry (for example, you can use GHCR)
though if you plan on using a prebuilt image, then you will want to mount the persistent volume to
/home/coder instead of /home/<user>
hey @ÙwÚ, can we close this thread?Ye sure, still figuring out the prebuilt, but i think should be fine
@Phorcys closed the thread.