Closed Pretender1988 closed 2 months ago
Did you change the user by setting the user
attribute (Docker user) on your Docker Compose service, or setting the PUID
and PGID
environment variables?
You need to set the UID/GID you want using the environment variables, and leave user
unset (or set to root:root
) on the Docker Compose service itself.
Also do not set UID or GID in any other way, as Callum wrote, you need to use the the first 2 variables in the https://github.com/jammsen/docker-palworld-dedicated-server/blob/develop/default.env file. Everything else does the work for you in the background.
Testing example for me is this: Dev-User on User and Group ID 1000
# Container-setttings
PUID=1002
PGID=1002
And the game directory now is owned by 1002:
-rwxr-xr-x 1 jammsen jammsen 3256 Feb 20 12:23 docker-compose-verywrong.yml
-rwxr-xr-x 1 jammsen jammsen 742 Apr 4 23:13 docker-compose.yml
drwxr-xr-x 2 jammsen jammsen 4096 Feb 27 18:43 docs
-rw-r--r-- 1 jammsen jammsen 1164 Mar 15 17:12 entrypoint.sh
drwxr-xr-x 7 testme testme 4096 Apr 4 23:38 game
-rwxr-xr-x 1 jammsen jammsen 2712093 Feb 21 19:40 gosu-amd64
drwxr-xr-x 2 jammsen jammsen 4096 Apr 4 22:45 includes
$ id testme
uid=1002(testme) gid=1002(testme) groups=1002(testme)
yes i did that ... for me it is the user 1040.
you can see in the beginning of the logs:
Current steam user PUID is '1000' and PGID is '1000' palworld_dedicated_server | > Setting new steam user PUID to '1040' and PGID to '100' palworld_dedicated_server | groupmod: GID '100' already exists palworld_dedicated_server | > id steam: uid=1000(steam) gid=1000(steam) groups=1000(steam) palworld_dedicated_server | >>> Starting server manager palworld_dedicated_server | > Started at: 2024-04-08 16:14:09
so no clue so far
after a min it looks again like that: Connecting anonymously to Steam Public...OK palworld_dedicated_server | Waiting for client config...OK palworld_dedicated_server | Waiting for user info...OK palworld_dedicated_server | Update state (0x5) verifying install, progress: 0.09 (2099239 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 10.69 (239234004 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 23.21 (519488389 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 35.71 (799098416 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 48.08 (1076002833 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 60.50 (1353875473 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 73.01 (1633845265 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 85.25 (1907847333 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 97.55 (2182984951 / 2237883871) palworld_dedicated_server | Success! App '2394010' fully installed. palworld_dedicated_server | >>> Done updating and validating the gameserver files palworld_dedicated_server | >>> Adding crons to Supercronic palworld_dedicated_server | > Added backup cron palworld_dedicated_server | >>> Supercronic started palworld_dedicated_server | /includes/server.sh: line 8: cd: /palworld: Permission denied palworld_dedicated_server exited with code 1
can I provide any information?
yes i did that ... for me it is the user 1040.
you can see in the beginning of the logs:
Current steam user PUID is '1000' and PGID is '1000' palworld_dedicated_server | > Setting new steam user PUID to '1040' and PGID to '100' palworld_dedicated_server | groupmod: GID '100' already exists palworld_dedicated_server | > id steam: uid=1000(steam) gid=1000(steam) groups=1000(steam) palworld_dedicated_server | >>> Starting server manager palworld_dedicated_server | > Started at: 2024-04-08 16:14:09
so no clue so far
If you look at your logs you can see its not getting adapted, there in lies the error. We use a oneliner to setup user and groups all together, but that oneliner returns to you, "that your group 100 already exists", so i doesnt do anything, which is evidenced by the next line, it still says its 1000 for both. Try changing your groupid to something that doesnt bug around.
It should look like this:
palworld-dedicated-server | > Current steam user PUID is '1000' and PGID is '1000'
palworld-dedicated-server | > Setting new steam user PUID to '1002' and PGID to '1002'
palworld-dedicated-server | > id steam: uid=1002(steam) gid=1002(steam) groups=1002(steam)
palworld-dedicated-server | >>> Starting server manager
palworld-dedicated-server | > Started at: 2024-04-08 17:10:56
To clarify, what i just said, because i feel like its not that obvious.
The error occours because groupmod tries to setup an id for the steam user and group, but the one you are givem is already present, therefore it errors out and not does anything, after that the problems just cascades ?downline?downstream?. You cant have 2 groups with the same id.
See: https://github.com/jammsen/docker-palworld-dedicated-server/blob/develop/entrypoint.sh#L18
Hello there,
I am one of the mentioned team members of Pretender1988. You have put me on the right track. The PGID used is the standard Linux user group for unprivileged users.
root@SynologyNAS:/volume2/docker/compose/palworld# docker exec -it palworld-dedicated-server /bin/bash
root@SynologyNAS:/home/steam/steamcmd# more /etc/group | grep 100
users:x:100:
As a workaround, I created another group on the host and used this PGID. Now this unassigned PGID can be used to successfully access the server.
Do you think that there is a way to re-use the ID of the group?
Edit: I took a closer look at the man-pages, groupmod -g changes the ID of a group, so it is clear that this cannot happen and the failure is imminent. The exit error in this case should be 4. In this case, it should be possible to catch the error and use groupmod -a instead.
If you add a user on Linux Derivates, you normally add a group too, just use that one. Also the 100 Groupid is internal in the base-image and the container, not on your host.
If you add a user on Linux Derivates, you normally add a group too, just use that one.
The Group ID 100 is the default user group for unprivileged users, at least on Debian, Ubuntu, Linux Mint and Synology. A reuse of the ID therefore seems obvious, especially on multi-user systems.
Also the 100 Groupid is internal in the base-image and the container, not on your host.
This does not make any sense to me. The ID is used on both sides, inside the container and on the host, because its the default user group on all these systems.
Yes, creating and using a different group id is possible, but im running 2 dozen containers, non had problems with the group id 100 so far.
If you add a user on Linux Derivates, you normally add a group too, just use that one.
The Group ID 100 is the default user group for unprivileged users, at least on Debian, Ubuntu, Linux Mint and Synology. A reuse of the ID therefore seems obvious, especially on multi-user systems.
I dont see what this has to do anything with what i wrote, but yeah might be, up to youm its your choice.
Also the 100 Groupid is internal in the base-image and the container, not on your host.
This does not make any sense to me. The ID is used on both sides, inside the container and on the host, because its the default user group on all these systems.
This was more like an example and explainer together.
My point was: You could use any other id too, its still only in your container that this group is actively hold/needed. And yes the "ID" is used inside and outside of the container for that file. But this doesnt mean you have to create the group outside of the container on the host. Its the same as doing this:
touch testfile
sudo chown 1234:1234 testfile
The file accepts it and as root you can read it, but everyone else cant, depending on your chmod permissions.
Yes, creating and using a different group id is possible, but im running 2 dozen containers, non had problems with the group id 100 so far.
Im not sure what you trying to say or maybe im failing to see your point. Are you running 2 dozen of Palworld-Containers or whats your point? That "no other container" did had this problem doesnt change the fact that not every image/container is equal. This container does things in a way to comply with not only Docker and Docker-Compose but also Portainer, QNAP, Synology and many other weird China NAS'es.
Whats your expectation here? I also dont understand why and how your Team and Team-Member status is relevant here? Please help me to understand.
Hi, I think what is happening is that users
group with gid 100 is a group that ships with many Linux distros as a means to share files and directories. This is an edge case where it could make sense to have the application run as a GID that already exists inside of the container.
Doing something like this might work (I have only tested that the server will start up successfully and not much else):
# entrypoint.sh
if [[ "${PUID}" -eq 0 ]] || [[ "${PGID}" -eq 0 ]]; then
ee ">>> Running Palworld as root is not supported, please fix your PUID and PGID!"
exit 1
elif [[ "$(id -u steam)" -ne "${PUID}" ]] || [[ "$(id -g steam)" -ne "${PGID}" ]]; then
ew "> Current $APP_USER user PUID is '$(id -u steam)' and PGID is '$(id -g steam)'"
ew "> Setting new $APP_USER user PUID to '${PUID}' and PGID to '${PGID}'"
if getent group "${PGID}" &>/dev/null; then
ew "> Group with GID ${PGID} exists. Change primary APP_GROUP"
APP_GROUP=$(getent group "${PGID}" | cut -d: -f1)
ew "> APP_GROUP is now $APP_GROUP"
else
groupmod -g "${PGID}" "$APP_GROUP"
fi
usermod -u "${PUID}" -g "${PGID}" "$APP_USER"
else
ew "> Current $APP_USER user PUID is '$(id -u steam)' and PGID is '$(id -g steam)'"
ew "> PUID and PGID matching what is requested for user $APP_USER"
fi
output:
palworld-dedicated-server-test | > Current steam user PUID is '1000' and PGID is '1000' palworld-dedicated-server-test | > Setting new steam user PUID to '1040' and PGID to '100' palworld-dedicated-server-test | > Group with GID 100 exists. Change primary APP_GROUP palworld-dedicated-server-test | > APP_GROUP is now users palworld-dedicated-server-test | > id steam: uid=1040(steam) gid=100(users) groups=100(users)
Thanks @Radical-Egg for the thoughts, but i feel like they dont made their case and didnt answer me on my open questions for 3 weeks now, im gonna inacticity close this now. (Also the team aspect here, confused me, am i now suppose the give support to a game-server hosting company? Feels weird without any context.)
And please also dont forget: IF you dont like the way "we" do things here, because we think and value the cosmos of people who use this and want support for, its an MIT License, just fork the code and make your own adaptations, there is no problems with that.
Have you read the Important information text above
Current behavior
We were successfully running the docker container for about 2 Month.
After restarting the Server today we got the following behavior: Connecting anonymously to Steam Public...OK palworld_dedicated_server | Waiting for client config...OK palworld_dedicated_server | Waiting for user info...OK palworld_dedicated_server | Update state (0x5) verifying install, progress: 0.14 (3145728 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 11.53 (258063380 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 23.73 (531022725 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 36.18 (809584176 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 48.60 (1087537169 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 60.69 (1358069777 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 73.01 (1633845265 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 85.25 (1907847333 / 2237883871) palworld_dedicated_server | Update state (0x5) verifying install, progress: 97.55 (2182984951 / 2237883871) palworld_dedicated_server | Success! App '2394010' fully installed. palworld_dedicated_server | >>> Done updating and validating the gameserver files palworld_dedicated_server | >>> Adding crons to Supercronic palworld_dedicated_server | > Added backup cron palworld_dedicated_server | >>> Supercronic started palworld_dedicated_server | /includes/server.sh: line 8: cd: /palworld: Permission denied palworld_dedicated_server exited with code 1
We are not sure if that is based on the docker Image or the dedicated server. But it looks like it is setting all files to permission 1000:1000 and wondering if it can not access the folder /palworld anymore. This happens directly after the first client connection.
My team members can easily reproduce the issue on their server. Maybe you can have a look or have an idea where to look at?
If you need more information please let us know.
Kind Regards, Pretender
Desired behavior
it is running with my local docker user in my case 1040:100
we haven't changed other env. variables and using your example of docker-compose.yml and default.env
Links to screenshots
No response
To Reproduce
Software setup
Hardware setup
Additional context
No response