ErsatzTV
ErsatzTV copied to clipboard
jasongdove
Docker can only run as root user
I tried changing the user for docker from root to my user and it fails to start. I imagine it's because the .local/share is owned by root on the docker image side.
services:
ersatz:
user: 1000:1000
image: jasongdove/ersatztv
- ersatz:/root/.local/share/ersatztv
logs
--- End of inner exception stack trace ---
at ErsatzTV.Program.Main(String[] args) in /source/ErsatzTV/Program.cs:line 25
at ErsatzTV.Program.<Main>(String[] args)
Unhandled exception. System.TypeInitializationException: The type initializer for 'ErsatzTV.Core.FileSystemLayout' threw an exception.
---> System.UnauthorizedAccessException: Access to the path '/.local/share' is denied.
---> System.IO.IOException: Permission denied
--- End of inner exception stack trace ---
at System.IO.FileSystem.CreateDirectory(String fullPath)
at System.IO.Directory.CreateDirectory(String path)
at System.Environment.GetFolderPathCore(SpecialFolder folder, SpecialFolderOption option)
at System.Environment.GetFolderPath(SpecialFolder folder, SpecialFolderOption option)
at ErsatzTV.Core.FileSystemLayout..cctor() in /source/ErsatzTV.Core/FileSystemLayout.cs:line 8
--- End of inner exception stack trace ---
at ErsatzTV.Program.Main(String[] args) in /source/ErsatzTV/Program.cs:line 25
at ErsatzTV.Program.<Main>(String[] args)
Unhandled exception. System.TypeInitializationException: The type initializer for 'ErsatzTV.Core.FileSystemLayout' threw an exception.
---> System.UnauthorizedAccessException: Access to the path '/.local/share' is denied.
---> System.IO.IOException: Permission denied
--- End of inner exception stack trace ---
at System.IO.FileSystem.CreateDirectory(String fullPath)
at System.IO.Directory.CreateDirectory(String path)
at System.Environment.GetFolderPathCore(SpecialFolder folder, SpecialFolderOption option)
at System.Environment.GetFolderPath(SpecialFolder folder, SpecialFolderOption option)
at ErsatzTV.Core.FileSystemLayout..cctor() in /source/ErsatzTV.Core/FileSystemLayout.cs:line 8
--- End of inner exception stack trace ---
at ErsatzTV.Program.Main(String[] args) in /source/ErsatzTV/Program.cs:line 25
at ErsatzTV.Program.<Main>(String[] args)
Thanks for the report, I'll look at improving this situation.
For now, you might be able to work around this by setting the XDG_DATA_HOME environment variable. When that variable is unset, it will fall back to ~/.local/share which is why you see /root/.local/share as the default target.
I was able to get things going as user 1000:1000 by adding the following lines to docker-compose (still running as root)
environment:
XDG_DATA_HOME: "/config"
volumes:
- "ersatztv:/config"
entrypoint: /bin/bash
stdin_open: true
tty: true
Then you can open another shell using docker exec and chown -R 1000:1000 /config. Finally, you can remove entrypoint, stdin_open, tty and add the user: 1000:1000 line and things should work.
chmod -R 1000:100 /config.
should be
chown -R 1000:100 /config
also, in your Docker group render doesn't exist, so this also needs a command like groupadd -g 107 render
FYI, if you change "etvconf:/root/.local/share/ersatztv" to "etvconf:/config", you have to copy the contents of folder "etvconf" to "etvconf/ersatztv"
Then you can open another shell using docker exec and
chown -R 1000:1000 /config. Finally, you can removeentrypoint,stdin_open,ttyand add theuser: 1000:1000line and things should work.
Actually those steps are not really necessary. Simplest way is simply to stop the container, and then go to the folder of the volume outside of the container and issue chown as root.
A full config could look like this:
ersatztv:
container_name: ersatztv
user: 1000:1000
environment:
- TZ=Europe/Berlin
- XDG_DATA_HOME=/config
ports:
- '8409:8409'
volumes:
- '/etc/ersatztv:/config'
- '/data/media/libraries:/data:ro'
restart: unless-stopped
image: jasongdove/ersatztv
This probably should be included in the docs, as this will prevent possible permission problems with media (for example with Jellyfin).
