vscode-remote-release
vscode-remote-release copied to clipboard
microsoft
Devcontainer fails with "remoteUser" with "mkdir: cannot create directory ‘/root’: Permission denied"
-
VSCode Version:
Version: 1.73.1 Commit: 6261075646f055b99068d3688932416f2346dd3b Date: 2022-11-09T03:54:53.913Z Electron: 19.0.17 Chromium: 102.0.5005.167 Node.js: 16.14.2 V8: 10.2.154.15-electron.0 OS: Linux x64 5.14.0-1054-oem Sandboxed: No -
Local OS Version: Ubuntu 20.04
-
Remote OS Version: Ubuntu 18.04
-
Remote Extension/Connection Type: Containers/Server
-
Logs:
[2022-12-08T13:27:09.218Z] Stop (83 ms): Run in container: uname -m
[2022-12-08T13:27:09.218Z] Start: Run in container: (cat /etc/os-release || cat /usr/lib/os-release) 2>/dev/null
[2022-12-08T13:27:09.219Z] NAME="Ubuntu"
VERSION="18.04.6 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.6 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
[2022-12-08T13:27:09.220Z]
[2022-12-08T13:27:09.220Z] Stop (2 ms): Run in container: (cat /etc/os-release || cat /usr/lib/os-release) 2>/dev/null
[2022-12-08T13:27:09.220Z] Start: Run in container: cat /etc/passwd
[2022-12-08T13:27:09.221Z] Stop (1 ms): Run in container: cat /etc/passwd
[2022-12-08T13:27:09.221Z] Start: Updating configuration state
[2022-12-08T13:27:09.225Z] Stop (4 ms): Updating configuration state
[2022-12-08T13:27:09.226Z] Start: Setup shutdown monitor
[2022-12-08T13:27:09.226Z] Forking shutdown monitor: /home/dima/.vscode/extensions/ms-vscode-remote.remote-containers-0.266.1/dist/shutdown/shutdownMonitorProcess /run/user/1000/vscode-remote-containers-6da2fc337d9acc87b102df1f9a3bef3253fbe77b.sock singleContainer Debug /home/dima/.config/Code/logs/20221208T152051/window1/exthost/ms-vscode-remote.remote-containers 1670506027518
[2022-12-08T13:27:09.229Z] Stop (3 ms): Setup shutdown monitor
[2022-12-08T13:27:09.230Z] Start: Run in container: test -d /root/.vscode-server
[2022-12-08T13:27:09.230Z]
[2022-12-08T13:27:09.230Z]
[2022-12-08T13:27:09.231Z] Exit code 1
[2022-12-08T13:27:09.231Z] Stop (1 ms): Run in container: test -d /root/.vscode-server
[2022-12-08T13:27:09.231Z] Start: Run in container: test -d /root/.vscode-remote
[2022-12-08T13:27:09.231Z]
[2022-12-08T13:27:09.232Z]
[2022-12-08T13:27:09.232Z] Exit code 1
[2022-12-08T13:27:09.232Z] Stop (1 ms): Run in container: test -d /root/.vscode-remote
[2022-12-08T13:27:09.232Z] Start: Run in container: test ! -f '/root/.vscode-server/data/Machine/.writeMachineSettingsMarker' && set -o noclobber && mkdir -p '/root/.vscode-server/data/Machine' && { > '/root/.vscode-server/data/Machine/.writeMachineSettingsMarker' ; } 2> /dev/null
[2022-12-08T13:27:09.233Z]
[2022-12-08T13:27:09.233Z] mkdir: cannot create directory ‘/root’: Permission denied
[2022-12-08T13:27:09.234Z] Exit code 1
[2022-12-08T13:27:09.234Z] Stop (2 ms): Run in container: test ! -f '/root/.vscode-server/data/Machine/.writeMachineSettingsMarker' && set -o noclobber && mkdir -p '/root/.vscode-server/data/Machine' && { > '/root/.vscode-server/data/Machine/.writeMachineSettingsMarker' ; } 2> /dev/null
[2022-12-08T13:27:09.234Z] Start: Run in container: cat /root/.vscode-server/data/Machine/settings.json
[2022-12-08T13:27:09.235Z]
[2022-12-08T13:27:09.235Z] cat: /root/.vscode-server/data/Machine/settings.json: Permission denied
[2022-12-08T13:27:09.235Z] Exit code 1
[2022-12-08T13:27:09.235Z] Stop (1 ms): Run in container: cat /root/.vscode-server/data/Machine/settings.json
[2022-12-08T13:27:09.235Z] Start: Run in container: test -d /root/.vscode-server/bin/6261075646f055b99068d3688932416f2346dd3b
[2022-12-08T13:27:09.235Z]
[2022-12-08T13:27:09.236Z]
[2022-12-08T13:27:09.236Z] Exit code 1
[2022-12-08T13:27:09.236Z] Stop (1 ms): Run in container: test -d /root/.vscode-server/bin/6261075646f055b99068d3688932416f2346dd3b
[2022-12-08T13:27:09.236Z] Start: Run in container: test -d /vscode/vscode-server/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b
[2022-12-08T13:27:09.236Z]
[2022-12-08T13:27:09.236Z]
[2022-12-08T13:27:09.237Z] Stop (1 ms): Run in container: test -d /vscode/vscode-server/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b
[2022-12-08T13:27:09.237Z] Start: Run in container: mkdir -p '/root/.vscode-server/bin' && ln -snf '/vscode/vscode-server/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b' '/root/.vscode-server/bin/6261075646f055b99068d3688932416f2346dd3b'
[2022-12-08T13:27:09.238Z]
[2022-12-08T13:27:09.238Z] mkdir: cannot create directory ‘/root’: Permission denied
[2022-12-08T13:27:09.238Z] Exit code 1
[2022-12-08T13:27:09.238Z] Stop (1 ms): Run in container: mkdir -p '/root/.vscode-server/bin' && ln -snf '/vscode/vscode-server/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b' '/root/.vscode-server/bin/6261075646f055b99068d3688932416f2346dd3b'
[2022-12-08T13:27:09.240Z] Command in container failed: mkdir -p '/root/.vscode-server/bin' && ln -snf '/vscode/vscode-server/bin/linux-x64/6261075646f055b99068d3688932416f2346dd3b' '/root/.vscode-server/bin/6261075646f055b99068d3688932416f2346dd3b'
[2022-12-08T13:27:09.240Z] mkdir: cannot create directory ‘/root’: Permission denied
[2022-12-08T13:27:09.240Z] Exit code
Steps to Reproduce:
- Prepare an image with a non-root user
- Add
"remoteUser": "non-root-user, - Reopen in container ==> Fails with the error above.
Does this issue occur when you try this locally?: No Does this issue occur when you try this locally and all extensions are disabled?: Yes
Please check the non-root-user's home folder is set to a folder owned by that user. Also make sure the HOME env variable is not set (that would overwrite the home folder for the user).
@chrmarti , thank you for the reply.
The non-root-user is indeed the owner of its home directory.
Once I log in as this user, the variable HOME points to the correct directory.
From what I see in the logs, vscode does not even try to reach the user's directory; instead, it directly goes for the root.
I do not know if it's related but I'm having a similar issue under docker-desktop (on top of WSL2).
My Dockerfile ends with:
RUN groupadd --gid 1000 vscode
RUN adduser --home-dir /vscode --create-home --gid 1000 --uid 1000 vscode
USER 1000:1000
ENV HOME=
I therefore hope that
$HOMEis NOT defined ...
But running env in the container shows $HOME exists anyway and points to the USER home.
What can we do about it ?
I set "remoteUser": "vscode" in devcontainer.json.
then devcontainers fails :
[14741 ms] Command in container failed: mkdir -p '/vscode/.vscode-server/bin' && ln -snf '/vscode/vscode-server/bin/linux-x64/441438abd1ac652551dbe4d408dfcec8a499b8bf' '/vscode/.vscode-server/bin/441438abd1ac652551dbe4d408dfcec8a499b8bf'
[14741 ms] mkdir: cannot create directory '/vscode/.vscode-server': Permission denied
My investigation show that although the user running the container seems to be vscode, the home folder is owned by the root user...
The base container however is properly configured.
Looking at the logs I can see that devcontainers did some house keeping (log modified to remove sensitive data: sorry):
[9728 ms] Start: Run: docker build -f /tmp/devcontainercli-xxxxxxx/updateUID.Dockerfile-0.29.0 -t vsc-xxxxxxx-f38313021df90ff025ac1d488395e7f9-uid --build-arg BASE_IMAGE=vsc-xxxxxx-f38313021df90ff025ac1d488395e7f9 --build-arg REMOTE_USER=vscode --build-arg NEW_UID=1000 --build-arg NEW_GID=1000 --build-arg IMAGE_USER=1000:1000 /tmp/devcontainercli-xxxxxx/empty-folder
However this does NOT mess the user folder permissions ...
Then eventually devcontainer crashes the rocket in the wall:
[10942 ms] Start: Run: docker run --sig-proxy=false -a STDOUT -a STDERR --mount source=/home/xxx/Projects/xxx,target=/xxx,type=bind,consistency=cached --mount type=volume,src=vscode,dst=/vscode --mount type=bind,src=/mnt/wslg/runtime-dir/wayland-0,dst=/tmp/vscode-wayland-e6cd6acda416c30909a8d3df2612ecd17d23fe09.sock -l devcontainer.local_folder=\\wsl.localhost\Ubuntu\home\xxx\Projects\xxx -l devcontainer.config_file=/home/xxx/Projects/xxx/.devcontainer/devcontainer.json -u vscode --entrypoint /bin/sh vsc-xxx-f38313021df90ff025ac1d488395e7f9-uid -c echo Container started
... why ? : notice the --mount type=volume,src=vscode,dst=/vscode
Because files in the volume mount named vscode are owned by root...
... they therefore override the permissions carefully set by the previous devcontainer stages.
From my perspective this cannot work. ... or i do not understand how devcontainer creates the vscode volume that it shares with the container...
BTW: I use (vscode 1.75.1)
P.S.
In my case adding
"remoteEnv": { "HOME": "" },
to the devcontainer.json file made my day... ... I can't tell why though ?
Podman sets HOME to /root which then misleads the extension. We could ignore HOME and always check /etc/passwd.
same problem with the later Dev Container (version > v0.266.1) but works with (version == v0.266.1)
Here is the log from Dev Containers window output. I did not set user.
I connect to container through remote ssh:
localhost -> remote machine(sgjur-**-**) -> (yyx-model-runtime) container in remote machine
[33 ms] Dev Containers 0.282.0 in VS Code 1.76.0 (92da9481c0904c6adfe372c12da3b7748d74bdcb).
[33 ms] Start: Resolving Remote
[35 ms] Setting up container: /yyx-model-runtime
[35 ms] Host: ssh://sgjur-**-**
[40 ms] Start: Run: ssh sgjur-**-** /bin/sh
[42 ms] Start: Run in host: id -un
[2330 ms] scotty
[2330 ms]
[2331 ms] Start: Run in host: cat /etc/passwd
[2426 ms] Start: Run in host: echo ~
[2514 ms] /home/scotty
[2514 ms]
[2515 ms] Start: Run in host: test -x '/home/scotty/.vscode-remote-containers/bin/92da9481c0904c6adfe372c12da3b7748d74bdcb/node'
[2600 ms]
[2600 ms]
[2601 ms] Start: Run in host: test -f '/home/scotty/.vscode-remote-containers/dist/vscode-remote-containers-server-0.282.0.js'
[2686 ms]
[2686 ms]
[2771 ms] userEnvProbe: loginInteractiveShell (default)
[2772 ms] userEnvProbe: not found in cache
[2772 ms] userEnvProbe shell: /bin/sh
[4779 ms] Start: Run in Host: /bin/sh
[4882 ms] Start: Run in container: for pid in `cd /proc && ls -d [0-9]*`; do { echo $pid ; readlink /proc/$pid/cwd ; readlink /proc/$pid/ns/mnt ; cat /proc/$pid/stat | tr "
[12775 ms] userEnvProbe is taking longer than 10 seconds. Avoid waiting for user input in your shell's startup scripts. Continuing.
[12862 ms] Start: Run in Host: docker inspect --type container /yyx-model-runtime
[13381 ms] Start: Check Docker is running
[13382 ms] Start: Run in Host: docker version --format {{.Server.APIVersion}}
[13553 ms] Server API version: 1.41
[14074 ms] Command failed: mkdir -p /.vscode-remote-containers/dist/dev-containers-cli-0.282.0-5ad0f741-5732-4893-81cd-ee1ed1ab1c89/dist/spec-node
[14074 ms] mkdir: cannot create directory '/.vscode-remote-containers': Permission denied
[14074 ms] Exit code 1
[59844 ms] userEnvProbe
Had a similar issue when attaching to a remote container:
mkdir: cannot create directory '/.vscode-remote-containers': Permission denied
As suggested by @Alwaysproblem, downgrading Dev Containers to 0.266.1 fixed it.
Hello @chrmarti, similar to @Alwaysproblem, my $HOME is set to /root
@Alwaysproblem @leopoldmaillard Continuing with the issue you are reporting in #8298.
This issue has been closed automatically because it needs more information and has not had recent activity. See also our issue reporting guidelines.
Happy Coding!
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Still getting this on v0.327.0. I tried with the following options also (python-3 container)
"runArgs": [
"--userns=keep-id"
],
"containerEnv": {
"HOME": "/home/vscode"
},
"remoteEnv": {
"HOME": "/home/vscode"
},
"containerUser": "vscode",
"remoteUser": "vscode"
Fedora Silverblue 39 podman version 4.8.1
Container logs
[2023-12-29T03:31:43.012Z] Dev Containers 0.327.0 in VS Code 1.85.1 (0ee08df0cf4527e40edc9aa28f4b5bd38bbff2b2).
[2023-12-29T03:31:43.012Z] Start: Resolving Remote
[2023-12-29T03:31:43.054Z] Setting up container for folder or workspace: /var/home/brady/project
[2023-12-29T03:31:43.056Z] Start: Check Docker is running
[2023-12-29T03:31:43.056Z] Start: Run: podman version --format {{.Server.APIVersion}}
[2023-12-29T03:31:43.079Z] Stop (23 ms): Run: podman version --format {{.Server.APIVersion}}
[2023-12-29T03:31:43.079Z] Server API version: 4.8.1
[2023-12-29T03:31:43.079Z] Stop (23 ms): Check Docker is running
[2023-12-29T03:31:43.080Z] Start: Run: podman volume ls -q
[2023-12-29T03:31:43.100Z] Stop (20 ms): Run: podman volume ls -q
[2023-12-29T03:31:43.101Z] Start: Run: podman ps -q -a --filter label=vsch.local.folder=/var/home/brady/project --filter label=vsch.quality=stable
[2023-12-29T03:31:43.125Z] Stop (24 ms): Run: podman ps -q -a --filter label=vsch.local.folder=/var/home/brady/project --filter label=vsch.quality=stable
[2023-12-29T03:31:43.125Z] Start: Run: podman ps -q -a --filter label=devcontainer.local_folder=/var/home/brady/project --filter label=devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json
[2023-12-29T03:31:43.150Z] Stop (25 ms): Run: podman ps -q -a --filter label=devcontainer.local_folder=/var/home/brady/project --filter label=devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json
[2023-12-29T03:31:43.151Z] Start: Run: podman inspect --type container 4dbec323c5a6
[2023-12-29T03:31:43.177Z] Stop (26 ms): Run: podman inspect --type container 4dbec323c5a6
[2023-12-29T03:31:43.177Z] Start: Run: podman ps -q -a --filter label=devcontainer.local_folder=/var/home/brady/project
[2023-12-29T03:31:43.201Z] Stop (24 ms): Run: podman ps -q -a --filter label=devcontainer.local_folder=/var/home/brady/project
[2023-12-29T03:31:43.201Z] Start: Run: podman inspect --type container 4dbec323c5a6
[2023-12-29T03:31:43.226Z] Stop (25 ms): Run: podman inspect --type container 4dbec323c5a6
[2023-12-29T03:31:43.227Z] Start: Run: /usr/share/code/code --ms-enable-electron-run-as-node /var/home/brady/.vscode/extensions/ms-vscode-remote.remote-containers-0.327.0/dist/spec-node/devContainersSpecCLI.js read-configuration --docker-path podman --docker-compose-path podman-compose --workspace-folder /var/home/brady/project --id-label devcontainer.local_folder=/var/home/brady/project --id-label devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json --log-level debug --log-format json --config /var/home/brady/project/.devcontainer/devcontainer.json --mount-workspace-git-root
[2023-12-29T03:31:43.395Z] @devcontainers/cli 0.54.1. Node.js v18.15.0. linux 6.6.8-200.fc39.x86_64 x64.
[2023-12-29T03:31:43.395Z] Start: Run: git rev-parse --show-cdup
[2023-12-29T03:31:43.401Z] Stop (6 ms): Run: git rev-parse --show-cdup
[2023-12-29T03:31:43.402Z] Start: Run: podman ps -q -a --filter label=devcontainer.local_folder=/var/home/brady/project --filter label=devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json
[2023-12-29T03:31:43.424Z] Stop (22 ms): Run: podman ps -q -a --filter label=devcontainer.local_folder=/var/home/brady/project --filter label=devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json
[2023-12-29T03:31:43.425Z] Start: Run: podman inspect --type container 4dbec323c5a6
[2023-12-29T03:31:43.449Z] Stop (24 ms): Run: podman inspect --type container 4dbec323c5a6
[2023-12-29T03:31:43.453Z] Stop (226 ms): Run: /usr/share/code/code --ms-enable-electron-run-as-node /var/home/brady/.vscode/extensions/ms-vscode-remote.remote-containers-0.327.0/dist/spec-node/devContainersSpecCLI.js read-configuration --docker-path podman --docker-compose-path podman-compose --workspace-folder /var/home/brady/project --id-label devcontainer.local_folder=/var/home/brady/project --id-label devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json --log-level debug --log-format json --config /var/home/brady/project/.devcontainer/devcontainer.json --mount-workspace-git-root
[2023-12-29T03:31:43.453Z] Start: Run: /usr/share/code/code --ms-enable-electron-run-as-node /var/home/brady/.vscode/extensions/ms-vscode-remote.remote-containers-0.327.0/dist/spec-node/devContainersSpecCLI.js up --user-data-folder /var/home/brady/.config/Code/User/globalStorage/ms-vscode-remote.remote-containers/data --docker-path podman --docker-compose-path podman-compose --container-session-data-folder /tmp/devcontainers-3bd4a17f-fec8-4790-b253-781c1cc197c51703820702581 --workspace-folder /var/home/brady/project --workspace-mount-consistency cached --id-label devcontainer.local_folder=/var/home/brady/project --id-label devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json --log-level debug --log-format json --config /var/home/brady/project/.devcontainer/devcontainer.json --default-user-env-probe loginInteractiveShell --mount type=volume,source=vscode,target=/vscode,external=true --skip-post-create --update-remote-user-uid-default on --mount-workspace-git-root
[2023-12-29T03:31:43.619Z] @devcontainers/cli 0.54.1. Node.js v18.15.0. linux 6.6.8-200.fc39.x86_64 x64.
[2023-12-29T03:31:43.619Z] Start: Run: podman buildx version
[2023-12-29T03:31:43.657Z] Stop (38 ms): Run: podman buildx version
[2023-12-29T03:31:43.657Z] buildah 1.33.2
[2023-12-29T03:31:43.657Z]
[2023-12-29T03:31:43.658Z] Start: Resolving Remote
[2023-12-29T03:31:43.659Z] Start: Run: git rev-parse --show-cdup
[2023-12-29T03:31:43.662Z] Stop (3 ms): Run: git rev-parse --show-cdup
[2023-12-29T03:31:43.769Z] Start: Run: podman ps -q -a --filter label=devcontainer.local_folder=/var/home/brady/project --filter label=devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json
[2023-12-29T03:31:43.790Z] Stop (21 ms): Run: podman ps -q -a --filter label=devcontainer.local_folder=/var/home/brady/project --filter label=devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json
[2023-12-29T03:31:43.791Z] Start: Run: podman inspect --type container 4dbec323c5a6
[2023-12-29T03:31:43.815Z] Stop (24 ms): Run: podman inspect --type container 4dbec323c5a6
[2023-12-29T03:31:43.815Z] Start: Starting container
[2023-12-29T03:31:43.815Z] Start: Run: podman start 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1
[2023-12-29T03:31:44.048Z] Stop (233 ms): Run: podman start 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1
[2023-12-29T03:31:44.049Z] Stop (234 ms): Starting container
[2023-12-29T03:31:44.049Z] Start: Run: podman ps -q -a --filter label=devcontainer.local_folder=/var/home/brady/project --filter label=devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json
[2023-12-29T03:31:44.071Z] Stop (22 ms): Run: podman ps -q -a --filter label=devcontainer.local_folder=/var/home/brady/project --filter label=devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json
[2023-12-29T03:31:44.071Z] Start: Run: podman inspect --type container 4dbec323c5a6
[2023-12-29T03:31:44.095Z] Stop (24 ms): Run: podman inspect --type container 4dbec323c5a6
[2023-12-29T03:31:44.096Z] Start: Inspecting container
[2023-12-29T03:31:44.096Z] Start: Run: podman inspect --type container 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1
[2023-12-29T03:31:44.120Z] Stop (24 ms): Run: podman inspect --type container 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1
[2023-12-29T03:31:44.120Z] Stop (24 ms): Inspecting container
[2023-12-29T03:31:44.121Z] Start: Run in container: /bin/sh
[2023-12-29T03:31:44.123Z] Start: Run in container: uname -m
[2023-12-29T03:31:44.255Z] x86_64
[2023-12-29T03:31:44.255Z]
[2023-12-29T03:31:44.255Z] Stop (132 ms): Run in container: uname -m
[2023-12-29T03:31:44.255Z] Start: Run in container: (cat /etc/os-release || cat /usr/lib/os-release) 2>/dev/null
[2023-12-29T03:31:44.256Z] PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
[2023-12-29T03:31:44.256Z]
[2023-12-29T03:31:44.256Z] Stop (1 ms): Run in container: (cat /etc/os-release || cat /usr/lib/os-release) 2>/dev/null
[2023-12-29T03:31:44.256Z] Start: Run in container: (command -v getent >/dev/null 2>&1 && getent passwd 'vscode' || grep -E '^vscode|^[^:]*:[^:]*:vscode:' /etc/passwd || true)
[2023-12-29T03:31:44.257Z] Stop (1 ms): Run in container: (command -v getent >/dev/null 2>&1 && getent passwd 'vscode' || grep -E '^vscode|^[^:]*:[^:]*:vscode:' /etc/passwd || true)
[2023-12-29T03:31:44.258Z] Start: Run in container: test -f '/var/devcontainer/.patchEtcEnvironmentMarker'
[2023-12-29T03:31:44.258Z]
[2023-12-29T03:31:44.258Z]
[2023-12-29T03:31:44.258Z] Stop (0 ms): Run in container: test -f '/var/devcontainer/.patchEtcEnvironmentMarker'
[2023-12-29T03:31:44.258Z] Start: Run in container: test -f '/var/devcontainer/.patchEtcProfileMarker'
[2023-12-29T03:31:44.258Z]
[2023-12-29T03:31:44.258Z]
[2023-12-29T03:31:44.258Z] Stop (0 ms): Run in container: test -f '/var/devcontainer/.patchEtcProfileMarker'
[2023-12-29T03:31:44.258Z] Stop (600 ms): Resolving Remote
[2023-12-29T03:31:44.262Z] Stop (809 ms): Run: /usr/share/code/code --ms-enable-electron-run-as-node /var/home/brady/.vscode/extensions/ms-vscode-remote.remote-containers-0.327.0/dist/spec-node/devContainersSpecCLI.js up --user-data-folder /var/home/brady/.config/Code/User/globalStorage/ms-vscode-remote.remote-containers/data --docker-path podman --docker-compose-path podman-compose --container-session-data-folder /tmp/devcontainers-3bd4a17f-fec8-4790-b253-781c1cc197c51703820702581 --workspace-folder /var/home/brady/project --workspace-mount-consistency cached --id-label devcontainer.local_folder=/var/home/brady/project --id-label devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json --log-level debug --log-format json --config /var/home/brady/project/.devcontainer/devcontainer.json --default-user-env-probe loginInteractiveShell --mount type=volume,source=vscode,target=/vscode,external=true --skip-post-create --update-remote-user-uid-default on --mount-workspace-git-root
[2023-12-29T03:31:44.262Z] Start: Run: podman inspect --type container 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1
[2023-12-29T03:31:44.405Z] Stop (143 ms): Run: podman inspect --type container 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1
[2023-12-29T03:31:44.405Z] Start: Run: podman exec -i -u root 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1 /bin/sh -c echo "New container started. Keep-alive process started." ; export VSCODE_REMOTE_CONTAINERS_SESSION=3bd4a17f-fec8-4790-b253-781c1cc197c51703820702581 ; /bin/sh
[2023-12-29T03:31:44.409Z] Start: Run: /usr/share/code/code --ms-enable-electron-run-as-node /var/home/brady/.vscode/extensions/ms-vscode-remote.remote-containers-0.327.0/dist/spec-node/devContainersSpecCLI.js read-configuration --docker-path podman --docker-compose-path podman-compose --workspace-folder /var/home/brady/project --id-label devcontainer.local_folder=/var/home/brady/project --id-label devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json --container-id 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1 --log-level debug --log-format json --config /var/home/brady/project/.devcontainer/devcontainer.json --include-merged-configuration --mount-workspace-git-root
[2023-12-29T03:31:44.582Z] @devcontainers/cli 0.54.1. Node.js v18.15.0. linux 6.6.8-200.fc39.x86_64 x64.
[2023-12-29T03:31:44.582Z] Start: Run: git rev-parse --show-cdup
[2023-12-29T03:31:44.588Z] Stop (6 ms): Run: git rev-parse --show-cdup
[2023-12-29T03:31:44.588Z] Start: Run: podman inspect --type container 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1
[2023-12-29T03:31:44.616Z] New container started. Keep-alive process started.
[2023-12-29T03:31:44.669Z] Stop (81 ms): Run: podman inspect --type container 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1
[2023-12-29T03:31:44.674Z] Stop (265 ms): Run: /usr/share/code/code --ms-enable-electron-run-as-node /var/home/brady/.vscode/extensions/ms-vscode-remote.remote-containers-0.327.0/dist/spec-node/devContainersSpecCLI.js read-configuration --docker-path podman --docker-compose-path podman-compose --workspace-folder /var/home/brady/project --id-label devcontainer.local_folder=/var/home/brady/project --id-label devcontainer.config_file=/var/home/brady/project/.devcontainer/devcontainer.json --container-id 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1 --log-level debug --log-format json --config /var/home/brady/project/.devcontainer/devcontainer.json --include-merged-configuration --mount-workspace-git-root
[2023-12-29T03:31:44.674Z] Start: Inspecting container
[2023-12-29T03:31:44.674Z] Start: Run: podman inspect --type container 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1
[2023-12-29T03:31:44.699Z] Stop (25 ms): Run: podman inspect --type container 4dbec323c5a695b09420cc113aeac91ac88435925c5525df58e24a5b68212fe1
[2023-12-29T03:31:44.699Z] Stop (25 ms): Inspecting container
[2023-12-29T03:31:44.700Z] Start: Run in container: /bin/sh
[2023-12-29T03:31:44.704Z] Start: Run in container: uname -m
[2023-12-29T03:31:44.827Z] x86_64
[2023-12-29T03:31:44.827Z]
[2023-12-29T03:31:44.827Z] Stop (123 ms): Run in container: uname -m
[2023-12-29T03:31:44.827Z] Start: Run in container: (cat /etc/os-release || cat /usr/lib/os-release) 2>/dev/null
[2023-12-29T03:31:44.828Z] PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
[2023-12-29T03:31:44.828Z]
[2023-12-29T03:31:44.828Z] Stop (1 ms): Run in container: (cat /etc/os-release || cat /usr/lib/os-release) 2>/dev/null
[2023-12-29T03:31:44.828Z] Start: Run in container: (command -v getent >/dev/null 2>&1 && getent passwd 'vscode' || grep -E '^vscode|^[^:]*:[^:]*:vscode:' /etc/passwd || true)
[2023-12-29T03:31:44.829Z] Stop (1 ms): Run in container: (command -v getent >/dev/null 2>&1 && getent passwd 'vscode' || grep -E '^vscode|^[^:]*:[^:]*:vscode:' /etc/passwd || true)
[2023-12-29T03:31:44.830Z] Start: Setup shutdown monitor
[2023-12-29T03:31:44.830Z] Forking shutdown monitor: /var/home/brady/.vscode/extensions/ms-vscode-remote.remote-containers-0.327.0/dist/shutdown/shutdownMonitorProcess /run/user/1000/vscode-remote-containers-0ad4bd17-5471-4837-898a-8c36f5e22779.sock singleContainer Debug /var/home/brady/.config/Code/logs/20231228T214316/window2/exthost/ms-vscode-remote.remote-containers 1703820702992
[2023-12-29T03:31:44.834Z] Stop (4 ms): Setup shutdown monitor
[2023-12-29T03:31:44.835Z] Start: Run in container: test -d /root/.vscode-server
[2023-12-29T03:31:44.836Z]
[2023-12-29T03:31:44.836Z]
[2023-12-29T03:31:44.836Z] Exit code 1
[2023-12-29T03:31:44.836Z] Stop (1 ms): Run in container: test -d /root/.vscode-server
[2023-12-29T03:31:44.836Z] Start: Run in container: test -d /root/.vscode-remote
[2023-12-29T03:31:44.836Z]
[2023-12-29T03:31:44.836Z]
[2023-12-29T03:31:44.837Z] Exit code 1
[2023-12-29T03:31:44.837Z] Stop (1 ms): Run in container: test -d /root/.vscode-remote
[2023-12-29T03:31:44.837Z] Start: Run in container: test ! -f '/root/.vscode-server/data/Machine/.writeMachineSettingsMarker' && set -o noclobber && mkdir -p '/root/.vscode-server/data/Machine' && { > '/root/.vscode-server/data/Machine/.writeMachineSettingsMarker' ; } 2> /dev/null
[2023-12-29T03:31:44.838Z]
[2023-12-29T03:31:44.838Z] mkdir: cannot create directory ‘/root’: Permission denied
[2023-12-29T03:31:44.838Z] Exit code 1
[2023-12-29T03:31:44.838Z] Stop (1 ms): Run in container: test ! -f '/root/.vscode-server/data/Machine/.writeMachineSettingsMarker' && set -o noclobber && mkdir -p '/root/.vscode-server/data/Machine' && { > '/root/.vscode-server/data/Machine/.writeMachineSettingsMarker' ; } 2> /dev/null
[2023-12-29T03:31:44.839Z] Start: Run in container: cat /root/.vscode-server/data/Machine/settings.json
[2023-12-29T03:31:44.840Z]
[2023-12-29T03:31:44.840Z] cat: /root/.vscode-server/data/Machine/settings.json: Permission denied
[2023-12-29T03:31:44.840Z] Exit code 1
[2023-12-29T03:31:44.840Z] Stop (1 ms): Run in container: cat /root/.vscode-server/data/Machine/settings.json
[2023-12-29T03:31:44.840Z] Start: Run in container: test -d /root/.vscode-server/bin/0ee08df0cf4527e40edc9aa28f4b5bd38bbff2b2
[2023-12-29T03:31:44.840Z]
[2023-12-29T03:31:44.841Z]
[2023-12-29T03:31:44.841Z] Exit code 1
[2023-12-29T03:31:44.841Z] Stop (1 ms): Run in container: test -d /root/.vscode-server/bin/0ee08df0cf4527e40edc9aa28f4b5bd38bbff2b2
[2023-12-29T03:31:44.841Z] Start: Run in container: test -d /vscode/vscode-server/bin/linux-x64/0ee08df0cf4527e40edc9aa28f4b5bd38bbff2b2
[2023-12-29T03:31:44.841Z]
[2023-12-29T03:31:44.841Z]
[2023-12-29T03:31:44.841Z] Stop (0 ms): Run in container: test -d /vscode/vscode-server/bin/linux-x64/0ee08df0cf4527e40edc9aa28f4b5bd38bbff2b2
[2023-12-29T03:31:44.841Z] Start: Run in container: mkdir -p '/root/.vscode-server/bin' && ln -snf '/vscode/vscode-server/bin/linux-x64/0ee08df0cf4527e40edc9aa28f4b5bd38bbff2b2' '/root/.vscode-server/bin/0ee08df0cf4527e40edc9aa28f4b5bd38bbff2b2'
[2023-12-29T03:31:44.842Z]
[2023-12-29T03:31:44.842Z] mkdir: cannot create directory ‘/root’: Permission denied
[2023-12-29T03:31:44.843Z] Exit code 1
[2023-12-29T03:31:44.843Z] Stop (2 ms): Run in container: mkdir -p '/root/.vscode-server/bin' && ln -snf '/vscode/vscode-server/bin/linux-x64/0ee08df0cf4527e40edc9aa28f4b5bd38bbff2b2' '/root/.vscode-server/bin/0ee08df0cf4527e40edc9aa28f4b5bd38bbff2b2'
[2023-12-29T03:31:44.845Z] Command in container failed: mkdir -p '/root/.vscode-server/bin' && ln -snf '/vscode/vscode-server/bin/linux-x64/0ee08df0cf4527e40edc9aa28f4b5bd38bbff2b2' '/root/.vscode-server/bin/0ee08df0cf4527e40edc9aa28f4b5bd38bbff2b2'
[2023-12-29T03:31:44.845Z] mkdir: cannot create directory ‘/root’: Permission denied
[2023-12-29T03:31:44.845Z] Exit code 1
Looks like main issue related with using user: "1000:1000" in docker-compose.yaml or in parameters for docker run.
I just removed this one from docker compose and created user with ID 1000 inside Dockerfile and defined it by USER nonroot - and it started to works
For me it looks like inside Docker file no defined any user so Devcontainer started use /root/ directory but can not due parameter user: "1000:1000"
Note that this also affects new-container experience (via Dev Containers: New Dev Container...), so bootstrapping containers on podman desktop can be... difficult.
For anyone this may help, this is the extent of what I needed to add to the default "Node & TypeScript" devcontainer.json to get it running in rootless Podman:
"runArgs": [
"--userns=keep-id" // For Podman
],
"containerUser": "node", // For Podman
I've seen many recommendations for setting the HOME env var via containerEnv, but this doesn't seem to be necessary for me when setting containerUser.
For anyone this may help, this is the extent of what I needed to add to the default "Node & TypeScript"
devcontainer.jsonto get it running in rootless Podman:"runArgs": [ "--userns=keep-id" // For Podman ], "containerUser": "node", // For Podman
You can also make the userns default in podman by setting environment variable PODMAN_USERNS=keep-id or in its config file and then the devcontainer.json should work with both podman and docker, because the containerUser should be the same in both and is just not getting properly detected with podman.
FWIW: this worked for me (with mcr.microsoft.com/devcontainers/base:bookworm):
"remoteEnv": {
"PODMAN_USERNS": "keep-id"
},
"containerUser": "vscode"
I'm also seeing this (and I use Podman). I'm inexperienced with devcontainers, so advice such as @pjoe gave doesn't help me much. I have a bare C# project (just created with dotnet new), to which I've added a .devcontainers.json file containing this:
{
"image": "mcr.microsoft.com/devcontainers/dotnet:1-9.0-bookworm",
"remoteEnv": {
"PODMAN_USERNS": "keep-id"
}
}
When I open VSCode in this directory, the extension notices that there's a .devcontainers.json file, and offers to reload the window in a container. When I allow it to do that, I get the same failure noted above (mkdir: cannot create directory '/root': Permission denied).
It really would be nice if the developers of various tools and extensions tested with Podman, now that Docker is unavailable to many of us.
I do not use Podman. I simply want to open a host folder for which root has no permission and which is mounted in the container. I tried all the solutions presented here unsetting/setting home in remoteEvn and containerEnv, changing containerUser and remoteUser. Either the container is executed as root which doesn't allow me to enter the mounted folder, or I get the mkdir: cannot create directory ‘/root’: Permission denied error described in the first post. Note, outside of vscode, executing docker exec --user $(id -u):$(id -g) -it mycontainer /bin/bash gives me no problems.
