Open growly opened 1 year ago
Within the container the volumes seem to be mounted as root:
ll /home/aryap/src/bfg_mux_test_gf180mcu/openlane/bfg_mux_test/runs
total 8.0K
drwxr-xr-x 2 root root 4.0K Dec 5 06:30 22_12_04_22_30/
lrwxrwxrwx 1 root root 79 Dec 5 06:30 bfg_mux_test -> /home/aryap/src/bfg_mux_test_gf180mcu/openlane/bfg_mux_test/runs/22_12_04_22_30/
If I invoke docker without the -u $UID:$UID
flag I can access this path:
$ touch /home/aryap/src/bfg_mux_test_gf180mcu/openlane/bfg_mux_test/runs/22_12_04_22_30/test
touch: cannot touch ‘/home/aryap/src/bfg_mux_test_gf180mcu/openlane/bfg_mux_test/runs/22_12_04_22_30/test’: Permission denied
vs
$ docker run -it -v $(realpath /home/aryap/src/bfg_mux_test_gf180mcu/..):$(realpath /home/aryap/src/bfg_mux_test_gf180mcu/..) -v /home/aryap/src/bfg_mux_test_gf180mcu/dependencies/pdks:/home/aryap/src/bfg_mux_test_gf180mcu/dependencies/pdks -v /home/aryap/src/bfg_mux_test_gf180mcu/caravel:/home/aryap/src/bfg_mux_test_gf180mcu/caravel -v /home/aryap/src/bfg_mux_test_gf180mcu/dependencies/openlane_src:/openlane -v /home/aryap/src/bfg_mux_test_gf180mcu/mgmt_core_wrapper:/home/aryap/src/bfg_mux_test_gf180mcu/mgmt_core_wrapper -e PDK_ROOT=/home/aryap/src/bfg_mux_test_gf180mcu/dependencies/pdks -e PDK=gf180mcuC -e MISMATCHES_OK=1 -e CARAVEL_ROOT=/home/aryap/src/bfg_mux_test_gf180mcu/caravel -e OPENLANE_RUN_TAG=22_12_04_22_13 -e MCW_ROOT=/home/aryap/src/bfg_mux_test_gf180mcu/mgmt_core_wrapper efabless/openlane:2022.11.29 bash
OpenLane Container (235fa7a):/openlane$ touch /home/aryap/src/bfg_mux_test_gf180mcu/openlane/bfg_mux_test/runs/22_12_04_22_30/test
In the Makefile openlane/Makefile
, commenting out the -u flag to docker seems to fix the problem:
$ git diff
diff --git a/openlane/Makefile b/openlane/Makefile
index e1e116f..3d74d15 100644
--- a/openlane/Makefile
+++ b/openlane/Makefile
@@ -53,8 +53,8 @@ docker_startup_mode = $(shell test -t 0 && echo "-it" || echo "--rm" )
docker_run = \
docker run $(docker_startup_mode) \
$(docker_mounts) \
- $(docker_env) \
- -u $(shell id -u $(USER)):$(shell id -g $(USER))
+ $(docker_env) #\
+ #-u $(shell id -u $(USER)):$(shell id -g $(USER))
list:
@echo $(designs)
I found another machine where this works as intended. On that machine, this mount: -v $(realpath /home/aryap/src/bfg_mux_test_gf180mcu/..):$(realpath /home/aryap/src/bfg_mux_test_gf180mcu/..)
mounts as the given UID and GID. On my machine where this doesn't work, it mounts as root.
Both are running docker version 20.10.21.
what is the output of command id
in all permutations (i.e. outside the container, inside the container with and without -u
flag)
host environment:
uid=1002(aryap) gid=1002(aryap) groups=1002(aryap),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),109(netdev),113(bluetooth),118(scanner),1004(docker)
inside container with -u 1002:1002
flag:
uid=1002 gid=1002 groups=1002
without -u
flag:
uid=0(root) gid=0(root) groups=0(root)
It is interesting that with -u
id
output non root uid and gid while the volumes are mounted as root. Is this behavior consistent over different run directories?. Perhaps for some reason a run directory owned by root was created (for example due to runnig as a sudo make
).
Can you tree cleaning the runs directory of bfg_mux_test
. Then try again while keeping -u
and see if the same error persist.
I haven't touched sudo, I used the same steps to build caravel_user_project
on this machine as on my other machine (namely make setup
).
The mounted directory has my user's permissions (not root) in the host environment, so it's strange that it gets mounted as root. Other volumes are also consistently mounted as root on the problematic machine. I actually think this is a problem with docker or how it's configured, since I've seen this issue reported a bunch now without a clear cause.
Perhaps the only thing to do here is to make a note of this problem so that others can figure it out faster. Or add something like a permission test to the build scripts to determine if the -u
flag is necessary.
A similar issue was encountered elsewhere on Slack, for which the discussion is available here, and features various debugging steps, and screenshots/copy-paste of logs with every debugging steps: https://web.open-source-silicon.dev/t/12321953/hello-i-was-trying-to-use-caravel-template-to-start-using-op#823bdd1f-99a2-442f-ade1-268faaf739df
The proposed workaround did work, although not a long-term solution maybe... https://github.com/efabless/caravel_user_project/issues/221#issuecomment-1336838988
Thanks for submitting that bug, it helped while searching similar issues.
In my
caravel_user_project
-derived project I cannot runmake user_proj_example
or even my own design throughmake bfg_mux_test
. Both fail with a 'permission denied' error accessing a path in the docker container:I can to run docker successfully without root, e.g.
I can also run OpenLane through the usual OpenLane flow (i.e. `make test) successfully.