search

fhriley / kodi-headless-novnc

A headless, dockerized Kodi instance for a shared MySQL database, with the GUI accessible over HTTP (noVNC)
GNU General Public License v3.0
23 stars 7 forks source link

set uid/gid rather than force app:app #8

Closed thezoggy closed 1 year ago

thezoggy commented 1 year ago

While uid/gid is exposed, it looks like you do not set the docker user/group with it but instead try expect to add app:app and set that account. It looks like its erroring when trying to add the group with the gid if its already existing so there is a conflict:

For example with unraid, it runs dockers as nobody:users

# id nobody
uid=99(nobody) gid=100(users)

Setting KODI_GID set to 100 it errors as it already exists:

groupadd: GID '100' already exists
chown: invalid group: 'app:app'
chown: invalid group: 'app:app'
Traceback (most recent call last):
  File "/usr/bin/supervisord", line 33, in <module>
    sys.exit(load_entry_point('supervisor==4.2.1', 'console_scripts', 'supervisord')())
  File "/usr/lib/python3/dist-packages/supervisor/supervisord.py", line 361, in main
    go(options)
  File "/usr/lib/python3/dist-packages/supervisor/supervisord.py", line 371, in go
    d.main()
  File "/usr/lib/python3/dist-packages/supervisor/supervisord.py", line 72, in main
    self.options.make_logger()
  File "/usr/lib/python3/dist-packages/supervisor/options.py", line 1470, in make_logger
    loggers.handle_file(
  File "/usr/lib/python3/dist-packages/supervisor/loggers.py", line 415, in handle_file
    handler = FileHandler(filename)
  File "/usr/lib/python3/dist-packages/supervisor/loggers.py", line 160, in __init__
    self.stream = open(filename, mode)
PermissionError: [Errno 13] Permission denied: '/dev/fd/1'

crudely, setting KODI_PID but not setting KODI_GID, at least got the docker to start and work. just side effect is that files on the nas end up nobody:2000 due to gid not getting set.

Looking at other dockers, it looks like rather than trying to add user+group app with the guid/uid you add them with something that is not used, so your 2000:2000 but then you set set the uid/gid as the user passes with the vars.

Could also add umask to give users even further control. Example from another docker:

echo "---Checking if UID: ${UID} matches user---"
usermod -u ${UID} ${USER}
echo "---Checking if GID: ${GID} matches user---"
usermod -g ${GID} ${USER}
echo "---Setting umask to ${UMASK}---"
umask ${UMASK}

chown -R ${KODI_UID}:${KODI_GID} /data/.kodi /data/.cache /data/.config

btw the novnc addition to this makes it pretty slick to use

fhriley commented 1 year ago

Should be fixed. Let me know if it works for you.

thezoggy commented 1 year ago

yes sir, thank you very much! :)