jhalter / mobius

A Hotline server implemented in Golang for macOS, Linux, and Windows operating systems
MIT License

Permissions error #124

Closed aptonline closed 2 months ago

aptonline commented 4 months ago

I'm suddenly unable to upload files or create new users due to a permissions error. I haven't changed anything in terms of permissions on the server, just recently updated Mobius to the latest version. I only noticed as I was able to create a user for the GPT bot which worked, but once I restarted Mobius the bot was unable to log in (and bot container crashed).

Checking the users folder I can see no account was created and checking the mobius container logs I can see that there was a permissions error creating the user file:

2024-04-20T12:06:09.349Z error Error handling transaction {"remoteAddr": "172.17.0.1:52164", "login": "XXXX", "name": "XXXX-XXXX", "err": "open /usr/local/var/mobius/config/Users/XXXX.yaml: permission denied"}

Testing and creating users in Hotline 1.2.3

EDIT: Anything to do with this change? https://github.com/jhalter/mobius/releases/tag/v0.11.1

jhalter commented 4 months ago

I suspect it's this change to run the server as a non-root user: #111

What do your file permissions look like for the config directory on the host OS?

aptonline commented 4 months ago

Ah I see, running the container on a Synology with elevated permissions since the issue started to see if that fixed the issue. The local mobius config folder is using admin permissions assigned (my login user).

The only thing I can think of is to change the permissions for everyone to allow read/write, but that will make things insecure 🤷‍♂️.

aptonline commented 4 months ago

Or if I add a user mobius with read/write permissions, will that work?

Looking at the pull request you referenced they also specify UID and GUID, can these be given as environment variables for the docker run command?

jhalter commented 4 months ago

The UID and GID are baked into the Docker image that is built, so I think you'd need to grant UID 1001 or GID 1001 read-write access to the mounted directory. Giving everyone read-write would also work.

I will reflect on how to make this easier...

aptonline commented 4 months ago

> will reflect on how to make this easier...

Maybe this might help: https://nickjanetakis.com/blog/running-docker-containers-as-a-non-root-user-with-a-custom-uid-and-gid

and this

https://docs.linuxserver.io/general/understanding-puid-and-pgid/#why-use-these

jhalter commented 2 months ago

Thanks for those links. I finally got around to testing this, and it's straightforward to pass the --user UID:GID argument with docker run to run the server as an arbitrary non-root user.

I've removed the user from the image and updated the README with how to run the container as a non-root user. #140
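
The check discussed in this thread (does a given UID:GID have read-write access to the mounted config directory?), as an added example that is not part of the thread or the Mobius project. It assumes GNU or BusyBox `stat -c`, evaluates classic mode bits only (no ACLs, no supplementary groups), and the function names and the temporary directory are hypothetical.

```shell
#!/bin/sh
# Added example; not Mobius code. Assumes GNU or BusyBox `stat -c`.
# Evaluates classic mode bits only: ACLs (as used on Synology) and
# supplementary groups are not considered.

# can_create_in DIR UID GID: exit 0 if that identity may create files in DIR.
can_create_in() {
    dir=$1; uid=$2; gid=$3
    [ -d "$dir" ] || return 2
    set -- $(stat -c '%u %g %a' "$dir")
    owner=$1; group=$2
    perms=$(($3 % 1000))            # drop setuid/setgid/sticky digit
    # The kernel picks exactly one class: owner, else group, else other.
    if [ "$uid" -eq "$owner" ]; then
        bits=$((perms / 100))
    elif [ "$gid" -eq "$group" ]; then
        bits=$((perms / 10 % 10))
    else
        bits=$((perms % 10))
    fi
    # Creating a file needs write (2) and search (1) on the directory.
    [ $((bits & 3)) -eq 3 ]
}

# suggest_user DIR: print the directory's owner as UID:GID, a value that
# could be passed to `docker run --user` so the process matches the mount.
suggest_user() {
    stat -c '%u:%g' "$1"
}

# Demo on a constructed directory standing in for the mounted config folder.
demo_dir=$(mktemp -d)
chmod 750 "$demo_dir"
if can_create_in "$demo_dir" 1001 1001; then
    echo "1001:1001 can write to $demo_dir"
else
    echo "1001:1001 cannot write; directory owner is $(suggest_user "$demo_dir")"
fi
rm -rf "$demo_dir"
```

Because the owner class is checked first, a directory with mode 570 denies its owner even though the group bits allow writing.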