Closed PeeBeerBeach closed 2 months ago
This error looks to be related to permission or ownership settings of the dir where the host keys are generated or stored. You might have to chown or chmod for the user 1006 so that it has access to the host keys directory.
Strange thing is that it appeared after updating the docker container. Worked fine for a long time before. I did not look into it yet because I was on vacation. Will check if it is a permission issue.
As I understand it, the host keys are generated inside the container filesystem. I wonder how I am supposed to browse the container's filesystem to check file rights when it does not even start up. Is that even possible?
I remapped the config dir to a persistent folder to edit file rights. I don't get this. Still looks like a bug to me. SFTPGO still claims it cannot create a folder/file although rights are 777.
docker file:
environment:
  SFTPGO_CONFIG_DIR: '/srv/dev-disk-by-label-SSD_Data/appdata/sftpgoDocker/config'
Log when starting docker:
2024-08-19T17:53:18.698 WRN error creating host key "/srv/dev-disk-by-label-SSD_Data/appdata/sftpgoDocker/config/id_rsa": mkdir /srv/dev-disk-by-label-SSD_Data: permission denied | sender=sftpd
2024-08-19T17:53:18.698 ERR could not start SFTP server: mkdir /srv/dev-disk-by-label-SSD_Data: permission denied | sender=service
CLI file permissions:
root@debnas:/srv/dev-disk-by-label-SSD_Data/appdata/sftpgoDocker# ls -l
drwxrwsrwx 3 dockeruser users 4096 19. Aug 18:59 config
So SFTPGO should be able to generate the host keys here, no?
Well, my SFTPGO instance is not usable anymore for me as I cannot start it up anymore. How can I get this working again and keep the settings including users? Any idea?
It's not a super big deal as this is just used by me privately. But I actually have no clue how to get it up and running again.
Hello,
thanks for using SFTPGo.
This is clearly a filesystem level permissions issue, it cannot be related to SFTPGo itself.
Check the permissions for the entire directory tree. I guess one of these directories /srv/dev-disk-by-label-SSD_Data/appdata/sftpgoDocker/config has 700 permissions or similar and therefore the sftpgo user cannot write there.
Thanks Drakkan. I would absolutely confirm what you are saying because it just looks like that.
But I did a chmod 777 -R /srv/dev-disk-by-label-SSD_Data/appdata/sftpgoDocker
I think you can agree that this does the trick!
To reassure you:
root@debnas:/srv/dev-disk-by-label-SSD_Data/appdata/sftpgoDocker# ls -Rl
.:
insgesamt 8
drwxrwsrwx 5 dockeruser users 4096 20. Aug 19:49 config
drwxrwsrwx 2 dockeruser users 4096 20. Aug 19:49 data
I generally don't suggest chmod 777, anyway what about the following folders?
/srv
/srv/dev-disk-by-label-SSD_Data
/srv/dev-disk-by-label-SSD_Data/appdata
are you sure the user running SFTPGo can at least read there?
No, SFTPGO cannot write in there. SFTPGO is only using folders below the appdata/sftpgoDocker folder from what I understand.
sftpgo user should at least be able to read parent directories. If a parent directory has permissions 700 or 750, sftpgo cannot write to any child directory even if the child directory has permissions 777
Parent directory of what?
Remember:
environment:
  SFTPGO_CONFIG_DIR: '/srv/dev-disk-by-label-SSD_Data/appdata/sftpgoDocker/config'
SFTPGO has all rights on parent folder of config dir.
https://github.com/drakkan/sftpgo/issues/1709#issuecomment-2299421991
Well, I just gave SFTPGO permission to write to the parent /srv/dev-disk-by-label-SSD_Data/appdata
That did not help.
I don't see that I will give it permission to write to my /srv folder which is the folder for all the drive mounts on my OS.
I really don't get why that is required. There is nothing configured outside of the /srv/dev-disk-by-label-SSD_Data/appdata/sftpgoDocker/ folder so why would it need file rights to a wide area of my filesystem?
I have about 20 dockers running. None of them needs file rights outside of any configured directories. It just doesn't make sense, or I am just not getting it.
you need at least to give read permission to the parent directories (e.g. 755 or 750 and sftpgo group as owner), this is how posix permissions work
It has read permissions:
drwxr-xr-x 11 root users 4096 4. Mär 14:21 srv
drwxr-sr-x 5 root users 4096 9. Apr 17:11 dev-disk-by-label-SSD_Data
drwxrwsr-x+ 27 root users 4096 20. Aug 13:47 appdata
Maybe we have a misunderstanding here. srv/dev-disk-by-label-SSD_Data/appdata/sftpgoDocker/ is a folder outside the docker jailed filesystem but a folder on the host system.
I cannot make the sftpgo user own my /srv folder which is the root folder for all shared drives OS wide.
Although the user dockeruser is part of the users group which owns all these directories
you should make sure that sftpgo user can at least access this directory, otherwise it is normal that it cannot write to folders inside
Yes, I understand and it can:
root@debnas:/# su dockeruser
cd /srv/dev-disk-by-label-SSD_Data
ls -l
insgesamt 40
drwxrwsr-x+ 27 root users 4096 20. Aug 13:47 appdata
-rw------- 1 root users 8192 20. Aug 00:25 aquota.group
-rw------- 1 root users 8192 20. Aug 00:25 aquota.user
drwx------ 2 root root 16384 22. Okt 2017 lost+found
drwxrwsr-x 6 root users 4096 11. Jul 2018 www
root@debnas:/# cat /etc/passwd | grep 1006
dockeruser:x:1006:100:User unter dem Docker Container laufen:/srv/9379aef8-4c1e-43c1-ab84-31fd2aa5b875/Heimatverzeichnisse/dockeruser:/bin/dash
ok, just mount the volume to a different path, so the container starts, open a shell inside the container and debug the permission issue with os tools
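Added example, not part of the original thread or of the SFTPGo project: a POSIX sh helper for the rule discussed above (a directory that denies search permission blocks everything beneath it, whatever the mode of the child) that walks a path and names the first directory that blocks a given uid/gid. It assumes a `stat` that supports `-c` (GNU coreutils or BusyBox), evaluates only classic mode bits (no ACLs, no supplementary groups), and should be run in the same filesystem view as the process, for a container in a shell inside the container; the function names are made up for this example, and uid 1006 / gid 100 in the usage line are the values shown in this thread.

```shell
#!/bin/sh
# Added example (not from the SFTPGo project). Walks from BASE down to TARGET
# and reports the first directory the given uid/gid cannot pass through.
# Only classic mode bits are evaluated: POSIX ACLs (the "+" in ls -l output)
# and supplementary groups are not considered.

# allowed MODE OWNER GROUP UID GID NEED
# NEED is a bit mask: 1 = search (x), 3 = write + search (wx).
allowed() {
    bits=$(( 0$1 ))                        # stat prints the mode in octal
    if [ "$4" -eq 0 ]; then return 0; fi   # uid 0 bypasses mode bits
    # Exactly one class applies: owner, else group, else other.
    if [ "$4" -eq "$2" ]; then shift_by=6
    elif [ "$5" -eq "$3" ]; then shift_by=3
    else shift_by=0
    fi
    [ $(( (bits >> shift_by) & $6 )) -eq "$6" ]
}

# first_blocked UID GID TARGET [BASE]
#   return 0: every directory is searchable and TARGET is writable
#   return 1: prints the first directory that denies access
#   return 2: prints "missing: DIR" for a component that does not exist
#             (or that the invoking user cannot reach)
first_blocked() {
    uid=$1; gid=$2; target=$3; base=${4:-/}
    cur=${base%/}                 # "/" becomes "", "/srv/" becomes "/srv"
    rest=${target#"$cur"}; rest=${rest#/}
    while :; do
        dir=${cur:-/}
        if [ ! -d "$dir" ]; then echo "missing: $dir"; return 2; fi
        need=1
        if [ -z "$rest" ]; then need=3; fi   # last directory must be writable too
        set -- $(stat -c '%a %u %g' "$dir")
        if ! allowed "$1" "$2" "$3" "$uid" "$gid" "$need"; then
            echo "$dir"; return 1
        fi
        if [ -z "$rest" ]; then return 0; fi
        cur=$cur/${rest%%/*}
        case $rest in */*) rest=${rest#*/} ;; *) rest= ;; esac
    done
}

# Usage: sh check_path.sh 1006 100 /path/to/config [/base]
if [ "$#" -ge 3 ]; then first_blocked "$@"; fi
```

A `missing:` result means the process would have to create that directory, which requires write and search permission on the directory above it.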
Well, I don't get it. The docker should have read permission, so I don't know how to solve it. I did what you suggested and created a folder in root
drwxrwxrwx 4 dockeruser users 4096 21. Aug 17:52 sftpgoDocker
SFTPGO docker has all access rights to it, but the error is identical.
2024-08-21T15:52:59.601 WRN error creating host key "/sftpgoDocker/id_rsa": mkdir /sftpgoDocker: permission denied | sender=sftpd
2024-08-21T15:52:59.601 ERR could not start SFTP server: mkdir /sftpgoDocker: permission denied | sender=service
Funny thing is that I do not even need the host keys and I do not need SFTP service. I just use the HTML part.
But I commented everything out regarding SFTP but it is still trying to start it and fails at the id_rsa file. What I also do not understand is that it worked fine and suddenly with an update it does not anymore.
Is there any way to switch off SFTP and this check for the host keys? I don't need it.
Also: I very much appreciate your support here. I know it is annoying and not something I take for granted. I am just stuck.
to disable sftp set SFTPGO_SFTPD__BINDINGS__0__PORT to 0
Hallelujah. It works again! A thousand thanks for your time mate.
Still, I have no idea what was happening before but I can use it again ;)
Bug description
I have a running instance of SFTPGO in docker and it suddenly stopped working with a host key error after updating the container:
2024-07-27T19:59:23.278 WRN error creating host key "id_rsa": open id_rsa: permission denied | sender=sftpd
2024-07-27T19:59:23.278 ERR could not start SFTP server: open id_rsa: permission denied | sender=service
Steps to reproduce
1. see above
Expected behavior
Should just run as it did before
SFTPGo version
v2.6.2-alpine
Data provider
MariaDB
Installation method
Community Docker image
Configuration
version: "3"
services:
  sftpgo:
    image: "drakkan/sftpgo:alpine"
    user: '1006'
    restart: always
    ports:
      # HTTP
networks:
  default:
    name: sftpgo
Relevant log output
What are you using SFTPGo for?
Private user, home usecase (home backup/VPS)
Additional info
No response