github-actions[bot]
commented
2 years ago Closed RudyBzhBzh closed 2 years ago
github-actions[bot]
commented
2 years ago 
aptalca
commented
2 years ago @RudyBzhBzh can you give this image a try? lspipepr/calibre:v5.39.1-pkg-02a38023-pr-79
RudyBzhBzh
commented
2 years ago @RudyBzhBzh can you give this image a try?
lspipepr/calibre:v5.39.1-pkg-02a38023-pr-79
Thanks for the try, but not better in my point of view ; no change.
$ sudo docker container ls | grep lspipepr
a325ab83fe85 lspipepr/calibre:v5.39.1-pkg-02a38023-pr-79 "/init" 10 minutes ago Up 10 minutes 3000/tcp, 3389/tcp, 0.0.0.0:8080-8081->8080-8081/tcp calibre-test
$ sudo docker container inspect calibre-test | egrep -i 'env|umask|lspipepr'
"Env": [
"UMASK=002",
"Image": "lspipepr/calibre:v5.39.1-pkg-02a38023-pr-79",
$ sudo docker exec -it calibre-test /bin/bash
xxxxxxxxxxxx John Schember # ll *
total 142
drwxrwsr-x 2 abc users 5 Mar 31 21:55 ./
drwxrwsr-x 3 abc users 3 Mar 31 21:55 ../
-rw-rw-r-- 1 abc users 40552 Mar 13 17:10 cover.jpg
-rw-rw-r-- 1 abc users 58131 Mar 17 07:29 'Guide de demarrage rapide - John Schember.epub'
-rw-rw-r-- 1 abc users 1436 Mar 31 21:55 metadata.opfJust rename the eBook with calibre content server (same effect with Calibre GUI through Guacamole) As you'll see, folder "." is changed from 775 to 755 & "metadata.opf" changed from 664 to 644 :
xxxxxxxxxxxx John Schember # ll *
total 104
drwxr-sr-x 2 abc users 5 Mar 31 22:08 ./
drwxrwsr-x 3 abc users 3 Mar 31 22:08 ../
-rw-rw-r-- 1 abc users 40552 Mar 13 17:10 cover.jpg
-rw-rw-r-- 1 abc users 58131 Mar 17 07:29 'Guide de demarrage rapide RENAME TEST - John Schember.epub'
-rw-r--r-- 1 abc users 1450 Mar 31 22:08 metadata.opfNo change on umask env value (possibly deliberate, it's just I don't understand "s6" way of done) :
xxxxxxxxxxxx ~ # id
uid=0(root) gid=0(root) groups=0(root)
xxxxxxxxxxxx ~ # umask
0022
abc@xxxxxxxxxxxx:~$ id
uid=1000(abc) gid=100(users) groups=100(users),27(sudo)
abc@xxxxxxxxxxxx:~$ umask
0022Another strange thing (for me), I've just discovered is that "calibre binary" is running and visible inside the container (normal), but also on the host (outside the container) :
$ sudo docker exec -it calibre-test /bin/bash
xxxxxxxxxxxx ~ # ps -aef | grep -i calibre
abc 633 631 0 21:53 ? 00:00:06 /opt/calibre/bin/calibre
abc 706 633 0 21:53 ? 00:00:00 /opt/calibre/bin/calibre-parallel --pipe-worker from calibre.utils.ipc.pool import run_main, worker_main; run_main(36, worker_main)
root 838 826 0 22:28 pts/0 00:00:00 grep --color=auto -i calibre
xxxxxxxxxxxx ~ # exit
exit
$ ps -aef | grep -i calibre
XYZ 44451 44449 0 21:53 ? 00:00:06 /opt/calibre/bin/calibre
XYZ 44524 44451 0 21:53 ? 00:00:00 /opt/calibre/bin/calibre-parallel --pipe-worker from calibre.utils.ipc.pool import run_main, worker_main; run_main(36, worker_main)
XYZ 45125 40774 0 22:28 pts/4 00:00:00 grep --color=auto -i calibreOf course, if I stop the container, calibre & calibre-parallel processes disappear on host (plus there's no "/opt/calibre/bin" folder on host)
Hope it can help. Don't know what else I can do.
RudyBzhBzh
commented
2 years ago Not sure if it will make sense to track the issue but none of the processes (calibre and all parents) are run with wanted umask :
xxxxxxxxxxxx ~ # ps -aef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 21:53 ? 00:00:00 s6-svscan -t0 /var/run/s6/services
root 38 1 0 21:53 ? 00:00:00 s6-supervise s6-fdholderd
root 454 1 0 21:53 ? 00:00:00 s6-supervise xrdp-sesman
root 455 1 0 21:53 ? 00:00:00 s6-supervise guacd
root 456 1 0 21:53 ? 00:00:00 s6-supervise xrdp
root 458 1 0 21:53 ? 00:00:00 s6-supervise autostart
root 459 1 0 21:53 ? 00:00:00 s6-supervise web
root 462 456 0 21:53 ? 00:00:00 /usr/sbin/xrdp --nodaemon
abc 464 459 0 21:53 ? 00:00:07 node app.js
root 466 458 0 21:53 ? 00:00:00 bash ./run
root 468 455 0 21:53 ? 00:00:00 /bin/bash ./run
root 470 454 0 21:53 ? 00:00:00 /usr/sbin/xrdp-sesman --nodaemon
root 475 468 0 21:53 ? 00:00:00 /usr/sbin/guacd -f -b 0.0.0.0 -l 4822
root 548 470 0 21:53 ? 00:00:00 /usr/sbin/xrdp-sesman --nodaemon
abc 549 548 0 21:53 ? 00:00:00 /usr/bin/openbox --startup /usr/lib/x86_64-linux-gnu/openbox-autostart OPENBOX
abc 550 548 0 21:53 ? 00:00:00 /usr/lib/xorg/Xorg :10 -auth .Xauthority -config xrdp/xorg.conf -noreset -nolisten tcp -logfile .xorgxrdp.%s.log
abc 589 548 0 21:53 ? 00:00:00 /usr/sbin/xrdp-chansrv
abc 615 1 0 21:53 ? 00:00:00 /usr/bin/dbus-launch --exit-with-session --sh-syntax
abc 616 1 0 21:53 ? 00:00:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session
abc 623 549 0 21:53 ? 00:00:00 /usr/bin/ssh-agent x-session-manager
abc 626 549 0 21:53 ? 00:00:00 /bin/sh /usr/lib/x86_64-linux-gnu/openbox-autostart OPENBOX
abc 631 626 0 21:53 ? 00:00:00 sh /config/.config/openbox/autostart
abc 633 631 0 21:53 ? 00:00:09 /opt/calibre/bin/calibre
abc 706 633 0 21:53 ? 00:00:00 /opt/calibre/bin/calibre-parallel --pipe-worker from calibre.utils.ipc.pool import run_main, worker_main; run_main(36, worker_main)
root 707 466 0 21:53 ? 00:00:00 sleep infinity
root 770 462 0 21:55 ? 00:00:00 [xrdp] <defunct>
root 840 0 0 23:00 pts/0 00:00:00 /bin/bash
root 866 475 0 23:03 ? 00:00:01 /usr/sbin/guacd -f -b 0.0.0.0 -l 4822
root 890 462 0 23:03 ? 00:00:00 /usr/sbin/xrdp --nodaemon
abc 908 633 0 23:03 ? 00:00:02 [AnnotSaveWorker] <defunct>
root 1046 840 0 23:18 pts/0 00:00:00 ps -aef
xxxxxxxxxxxx ~ # grep '^Umask:' "/proc/706/status"
Umask: 0022
xxxxxxxxxxxx ~ # grep '^Umask:' "/proc/633/status"
Umask: 0022
xxxxxxxxxxxx ~ # grep '^Umask:' "/proc/631/status"
Umask: 0022
xxxxxxxxxxxx ~ # grep '^Umask:' "/proc/626/status"
Umask: 0022
xxxxxxxxxxxx ~ # grep '^Umask:' "/proc/549/status"
Umask: 0022
xxxxxxxxxxxx ~ # grep '^Umask:' "/proc/548/status"
Umask: 0022
xxxxxxxxxxxx ~ # grep '^Umask:' "/proc/470/status"
Umask: 0022
xxxxxxxxxxxx ~ # grep '^Umask:' "/proc/454/status"
Umask: 0022
xxxxxxxxxxxx ~ # grep '^Umask:' "/proc/1/status"
Umask: 0022calibre-parallel <calibre < sh < openbox-autostart < openbox < xrdp-sesman < xrdp-sesman < s6-supervise xrdp-sesman
aptalca
commented
2 years ago Thanks. New build incoming. . .
Issue following discord discussion : https://discord.com/channels/354974912613449730/506925392603512839/955177175462584340
Expected Behavior
Running docker-calibre with parameter "-e UMASK=002" should be set for calibre & calibre-server services.
Current Behavior
Seems not to be the case. Still staying in umask default 022.
Steps to Reproduce
Start LSIO docker-calibre with umask=002 like this :
sudo docker run -d --name=calibre -e PUID=1000 -e PGID=100 -e UMASK=002 -p 8080:8080 -p 8081:8081 -v /opt/calibreDocker:/config -v /mnt/Calibre:/Calibre --restart unless-stopped lscr.io/linuxserver/calibreFind (or set) an eBook with permissions set as wanted :
Change metadata of this eBook, like a rename, with calibre GUI (through Guacamole Client) or calibre content server (web)
Check permissions (should be unchanged) :
Folder and metadata.opf have been changed with "umask 022" and not "umask 002" as wanted. Date is also modified, whereas .epub file is rename without date and permission changes (don't know why obviously).
Calibre seems to be run inside the container with openbox and umask parameter seems to be set correctly :
Regarding this, @aptalca said :
Environment
OS:
Running as an Unprivileged LXC under Proxmox
CPU architecture: x86_64 How docker service was installed:from the official docker repo
Command used to create docker container (run/create/compose/screenshot)
sudo docker run -d --name=calibre -e PUID=1000 -e PGID=100 -e UMASK=002 -p 8080:8080 -p 8081:8081 -v /opt/calibreDocker:/config -v /mnt/Calibre:/Calibre --restart unless-stopped lscr.io/linuxserver/calibreDocker logs