batchiepatchie icon indicating copy to clipboard operation
batchiepatchie copied to clipboard
verified publisher icon AdRoll

/tmp and tmp/ permission denied

Open Fuuzetsu opened this issue 5 years ago • 6 comments

I'm trying to evaluate using batchiepatchie for our AWS Batch jobs. I tried follow instructions and use docker-compose up to get a locally running batchiepatchie. Sadly, it seems to fail

api_1         | 0:58:41 main        | Build Failed: 
api_1         |  go build github.com/AdRoll/batchiepatchie: mkdir tmp/: permission denied
batchiepatchie_api_1 exited with code 1

I peeked into the config and saw that it does something else with BUILD_ENV=PRODUCTION. So I tried it:

api_1         | go build github.com/AdRoll/batchiepatchie: copying /tmp/go-build184121519/b001/exe/a.out: open batchiepatchie: permission denied
batchiepatchie_api_1 exited with code 1

This failed as well. The UI does come up but fails to talk to the backend, obviously.

I'm not sure if I'm doing something wrong here...

Fuuzetsu avatar Sep 14 '20 01:09 Fuuzetsu

Seems it's some problem with fresh? https://github.com/gravityblast/fresh/issues/48

Fuuzetsu avatar Sep 14 '20 03:09 Fuuzetsu

Workaround was to mkdir tmp; chmod 0777 tmp in the directory... not that satisfactory.

Fuuzetsu avatar Sep 14 '20 03:09 Fuuzetsu

Are you able to tell more about your host environment? I tried to reproduce this problem but to no avail:

First tried it on Ubuntu 20.04, Docker version 19.03.8, build afacb8b7f0 and docker-compose version 1.24.0, build 0aa59064, with fresh volumes and images. docker-compose up --build worked out of box.

Then I tried it on macOS Catalina, Docker version 19.03.12, build 48a66213fe and docker-compose version 1.26.2, build eefe0d31, again with fresh volumes and images. And it all worked out.

I remember seeing this error in the past and I have a vague memory that I also understood why it happened but right now when I'm trying to remember the details I cannot :facepalm: We already do a bit of trickery in our docker_run.sh to mitigate permission issues.

Noeda avatar Sep 14 '20 18:09 Noeda

While I was not able to reproduce the issue, I have one possible fix:

in fresh.conf we can make it so that it says:

ignored: frontend
tmp_path: /tmp

By default, fresh uses the current directory to create a ./tmp. The docker-compose mounts the host current directory inside the container, so when fresh runs it creates that ./tmp and that ./tmp also will be visible on host side. On my tests, everything was still fine despite this but maybe in some environments this does not work correctly, messing up permissions.

If we move the tmp_path to system /tmp inside the docker container, then it won't be visible outside the host, might avoid permissions problems with the volumes and thus become more reliable.

@Fuuzetsu If you are still evaluating the software, it would help if you could test if the tmp_path: /tmp solution helps.

Noeda avatar Sep 14 '20 19:09 Noeda

Hi, I was facing the same issue, I tried mkdir tmp; chmod 0777 tmp this fixed the /tmp error, but now I'm getting this error -

go build api_1 | can't load package: package github.com/AdRoll/batchiepatchie: open /go/src/github.com/AdRoll/batchiepatchie: permission denied batchie_api_1 exited with code 1

Any idea about this one?

aditandadit avatar Mar 19 '21 06:03 aditandadit

@Fuuzetsu If you are still evaluating the software, it would help if you could test if the tmp_path: /tmp solution helps.

I completely forgot to follow-up.

A bit after posting, AWS released new version on the AWS Batch UI which while still not amazing, was definitely a lot better than before and for our currently limited needs, we decided to stick with it rather than trying to integrate batchiepatchie at this time. Maybe in the future we'll need the extended functionality of course.

Fuuzetsu avatar Mar 21 '21 13:03 Fuuzetsu