Closed biofects closed 3 weeks ago
I managed to get it to download some or all the videos, waiting on the sync to finish. I still get the error Permission denied
I'm getting the same thing. I'm wondering if it's an issue inside the container itself
So digging in a bit more I see the sub process of the app is styring to run as abc user and write to a root file. Im looking on how I cna modify that
I did try manually creating the folder/file and giving it 777 and even tried mounting it into the container from the local filesystem yet it still throws the error my side
I did try manually creating the folder/file and giving it 777 and even tried mounting it into the container from the local filesystem yet it still throws the error my side
So did I.. I am looking at the code not to see what is causing this
Looks like pyunifiprotect uses a new file it didn't before. Sorry I'm away at https://www.emfcamp.org/ and won't be able to look into it till next week. If someone does solve it though I will accept a pull request
Looks like pyunifiprotect uses a new file it didn't before. Sorry I'm away at https://www.emfcamp.org/ and won't be able to look into it till next week. If someone does solve it though I will accept a pull request
Have a great time. That looks awesome
Im going to try a simple hack in the docker_root run file and see if that works
# Create directory with permissions for user 'abc' (read, write, execute)
mkdir -p /root/.cache/ufp/ && chmod 700 /root/.cache/ufp/
# Create file with permissions for user 'abc' (read, write)
touch /root/.cache/ufp/sessions.json && chmod 600 /root/.cache/ufp/sessions.json
# Export Rclone config path
export RCLONE_CONFIG=/config/rclone/rclone.conf
# Check for verbosity flag
echo $VERBOSITY
# Set verbosity argument based on flag presence
[[ -n "$VERBOSITY" ]] && export VERBOSITY_ARG=-$VERBOSITY || export VERbosity_ARG=""
# Execute the command with s6-setuidgid
exec s6-setuidgid abc unifi-protect-backup ${VERBOSITY_ARG}```
Well need to see why I get make docker failure
docker buildx build . --platform linux/amd64,linux/arm64 -t ghcr.io/ep1cman/unifi-protect-backup --push
unknown flag: --platform
The makefile I think was for an older version of buildx.
Anyways, I got it working with a nasty hack of setting an env var XDG_CACHE_HOME to /tmp and it's working now. Loads of 401s but no more permission denied :)
hehe Yea Im doing a docker build now
hmm ok so far no luck this is super strange I added
RUN chown abc:abc /root/.cache/ufp
and it creates the file, it is there in the container but still same error
Im going to keep pokiing and figure this out (I hope)
hmm ok so far no luck this is super strange I added
RUN chown abc:abc /root/.cache/ufp
and it creates the file, it is there in the container but still same error
Im going to keep pokiing and figure this out (I hope)
Try move the chown to here if you haven't already. chowns dont work properly within the dockerfile, as the GUID and PUID for abc
are changed
hmm ok so far no luck this is super strange I added
RUN chown abc:abc /root/.cache/ufp
and it creates the file, it is there in the container but still same error Im going to keep pokiing and figure this out (I hope)
Try move the chown to here if you haven't already. chowns dont work properly within the dockerfile, as the GUID and PUID for
abc
are changed
Thanks
I moved it all to the 30- config, Still getting the same error
PermissionError: [Errno 13] Permission denied: '/root/.cache/ufp/sessions.json
The file is created and owned properly
-rw-r--r-- 1 abc abc 0 Jun 2 17:17 /root/.cache/ufp/sessions.json
This is a strange one but we shall see
hmm ok so far no luck this is super strange I added
RUN chown abc:abc /root/.cache/ufp
and it creates the file, it is there in the container but still same error Im going to keep pokiing and figure this out (I hope)
Try move the chown to here if you haven't already. chowns dont work properly within the dockerfile, as the GUID and PUID for
abc
are changedThanks I moved it all to the 30- config, Still getting the same error
PermissionError: [Errno 13] Permission denied: '/root/.cache/ufp/sessions.json
The file is created and owned properly
-rw-r--r-- 1 abc abc 0 Jun 2 17:17 /root/.cache/ufp/sessions.json
This is a strange one but we shall see
export the home to /config, just above where the service is executed export HOME=/config
. ufp should then create the cache in /config, then there should be no permission issues
Ok I have reverted everything and I added the export to the run file and looks like the errors are gone. I still get some errors
File "/usr/lib/python3.12/site-packages/unifi_protect_backup/downloader.py", line 144, in start
video = await self._download(event)
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/unifi_protect_backup/downloader.py", line 184, in _download
video = await self._protect.get_camera_video(event.camera_id, event.start, event.end)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/pyunifiprotect/api.py", line 1206, in get_camera_video
return await self.api_request_raw(
^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.12/site-packages/pyunifiprotect/api.py", line 249, in api_request_raw
await self._os.verify_response(url, response)
File "/usr/lib/python3.12/site-packages/pyunifiprotect/session.py", line 332, in verify_response
raise NotAuthorized(msg % (url, response.status, reason))
Also when I restarted the test build a bunch of 401's were returned
All of these are fixing the symptom rather than the issue.
It seems pyunifiprotect now caches session details in a file, the path to which is either provided when instantiating ProtectApiClient
(done in unifi_protect_backup_core.py
) or it defaults to using a library called platformdirs
.
The correct solution would be to figure out why platform dirs is thinking the user is root when it isnt executed as root. My guess is s6-setuidgid
is not setting the uid/gid properly and somehow the root user is getting picked up by platformdirs
.
I do not have the time to look into this further right now but will at some point later in the week, or at the latest over the weekend.
According to: https://github.com/platformdirs/platformdirs/blob/2f7aecf2a1eaa95d0e60960a5cc1fc0651c4c90c/src/platformdirs/unix.py#L25
It looks like this library is based on a really big assumption, it is run in a desktop environment, not a command line environment. Should be easy enough to set the necessary env variable XDG_DATA_HOME
to something abc
has R/W access to, probably /config
This should be fixed in the latest dev container.
Description
On my OS I have a mount from a storage device to store my events. /Protect This is world readable and writable I have tested the latest and the dev version you have released bot throw different errors
What I Did
Dev version Docker Compose file
Error