search

linuxserver / docker-radarr

GNU General Public License v3.0
640 stars 103 forks source link

PGID not respected #179

Closed Kline- closed 2 years ago

Kline- commented 2 years ago

linuxserver.io

The group the radarr process runs under on the host OS is not respecting the PGID environment variable. It is running under the user's default group.

Expected Behavior

The process runs under the group specified by PGID.

Current Behavior

The process is running under the user's default group.

Steps to Reproduce

  1. Start the container with PGID set to a group other than the user's default
  2. ps -o euid,uid,ruid,egid,gid,rgid,supgid -p $pid
  3. Observe that supgid is incorrect

Environment

OS: Debian/stable CPU architecture: x86_64/ How docker service was installed: Distro repo

Command used to create docker container (run/create/compose/screenshot)

  radarr:
    container_name: "radarr"
    image: "linuxserver/radarr:latest"
    depends_on:
      - "nzbget"
      - "nzbhydra2"
    environment:
      - "PUID=1001"
      - "PGID=1002"
      - "TZ=America/Chicago"
    networks:
      - "bridge"
    restart: "unless-stopped"
    volumes:
      - "/home/docker/radarr:/config"
      - "/home/storage/downloads/processed/Movies:/movies"
      - "/home/storage/downloads/complete/Movies:/downloads"

Docker logs

root@aurora:/# ps aux | grep -i radarr
root     2065414  0.0  0.0    204     0 ?        S    Jul05   0:00 s6-supervise radarr
docker   2065417  0.2  0.8 2767216 295908 ?      Ssl  Jul05   8:17 /app/radarr/bin/Radarr -nobrowser -data=/config
root     2533796  0.0  0.0   6312   668 pts/0    S+   20:04   0:00 grep --color=auto -i radarr

root@aurora:/# ps -o euid,uid,ruid,egid,gid,rgid,supgid -p 2065417
 EUID   UID  RUID  EGID   GID  RGID SUPGID
 1001  1001  1001  1001  1001  1001 1000,1001

root@aurora:/# grep 1001 /etc/passwd
docker:x:1001:1001::/home/docker:/bin/sh

root@aurora:/# grep 1001 /etc/group
docker:x:1001:

root@aurora:/# grep 1002 /etc/group
storage:x:1002:matt,docker

Not sure why supgid is reporting 1000 instead of 1002. I kept running into weird permission errors with this container on folders that were properly chmod 775 and chown to group 1002 on the host. Temporarily chmod 777 to get things working properly, but obviously not an ideal solution. FWIW I also use the linuxserver/sonarr container with near identical docker-compose and it works properly.

  sonarr:
    container_name: "sonarr"
    image: "linuxserver/sonarr:latest"
    depends_on:
      - "nzbget"
      - "nzbhydra2"
    environment:
      - "PUID=1001"
      - "PGID=1002"
      - "TZ=America/Chicago"
    networks:
      - "bridge"
    restart: "unless-stopped"
    volumes:
      - "/home/docker/sonarr:/config"
      - "/home/storage/media/tv:/tv"
      - "/home/storage/downloads/complete/TV:/downloads"
root@aurora:/# ps aux | grep -i sonarr
root     1227931  0.0  0.0    204     0 ?        S    Jun29   0:00 s6-supervise sonarr
docker   1227934  0.5  0.6 1787064 203712 ?      Ssl  Jun29  72:46 mono --debug Sonarr.exe -nobrowser -data=/config
root     2552786  0.0  0.0   6312  2584 pts/0    S+   20:13   0:00 grep --color=auto -i sonarr

root@aurora:/# ps -o euid,uid,ruid,egid,gid,rgid,supgid -p 1227934
 EUID   UID  RUID  EGID   GID  RGID SUPGID
 1001  1001  1001  1002  1002  1002 100,1002

It looks like the issue is that no group is being set here:

https://github.com/linuxserver/docker-radarr/blob/dd854558cb42432b1bc368efe0627ad452016edb/root/etc/services.d/radarr/run#L6

compared to:

https://github.com/linuxserver/docker-sonarr/blob/ec525be096b1ed2f75b88c35f560720957a8552b/root/etc/services.d/sonarr/run#L6

github-actions[bot] commented 2 years ago

Thanks for opening your first issue here! Be sure to follow the bug or feature issue templates!

Roxedus commented 2 years ago

The runfile is the same for sonarr and radarr. Please post logs.

Kline- commented 2 years ago

Mistook mono for the group name rather than the daemon arg in sonaar, my bad. Here's a fresh restart log, GID is still the default group as shown from the previous ps output.

root@aurora:~# docker restart radarr
radarr
root@aurora:~# docker logs radarr --since 5m
[Info] Microsoft.Hosting.Lifetime: Application is shutting down... 
[Info] ConsoleApp: Exiting main. 
[cont-finish.d] executing container finish scripts...
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-envfile: executing... 
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 01-migrations: executing... 
[migrations] started
[migrations] no migrations found
[cont-init.d] 01-migrations: exited 0.
[cont-init.d] 02-tamper-check: executing... 
[cont-init.d] 02-tamper-check: exited 0.
[cont-init.d] 10-adduser: executing... 
usermod: no changes

-------------------------------------
          _         ()
         | |  ___   _    __
         | | / __| | |  /  \
         | | \__ \ | | | () |
         |_| |___/ |_|  \__/

Brought to you by linuxserver.io
-------------------------------------

To support the app dev(s) visit:
Radarr: https://opencollective.com/radarr

To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid:    1001
User gid:    1001
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 30-config: executing... 
[cont-init.d] 30-config: exited 0.
[cont-init.d] 90-custom-folders: executing... 
[cont-init.d] 90-custom-folders: exited 0.
[cont-init.d] 99-custom-files: executing... 
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-files: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[Info] Bootstrap: Starting Radarr - /app/radarr/bin/Radarr - Version 4.1.0.6175 
[Debug] Bootstrap: Console selected 
[Info] AppFolderInfo: Data directory is being overridden to [/config] 
[Debug] Microsoft.Extensions.Hosting.Internal.Host: Hosting starting 
[Info] AppFolderInfo: Data directory is being overridden to [/config] 
[Info] MigrationController: *** Migrating data source=/config/radarr.db;cache size=-20000;datetimekind=Utc;journal mode=Wal;pooling=True;version=3 *** 
[Info] MigrationController: *** Migrating data source=/config/logs.db;cache size=-20000;datetimekind=Utc;journal mode=Wal;pooling=True;version=3 *** 
[Info] Microsoft.Hosting.Lifetime: Now listening on: http://[::]:7878 
[Info] CommandExecutor: Starting 2 threads for tasks. 
[Info] Microsoft.Hosting.Lifetime: Application started. Press Ctrl+C to shut down. 
[Info] Microsoft.Hosting.Lifetime: Hosting environment: Production 
[Info] Microsoft.Hosting.Lifetime: Content root path: /app/radarr/bin 
root@aurora:~#
Kline- commented 2 years ago

This might be an issue with watchtower for updating containers automatically, not sure. I poked around some more today and docker inspect showed PGID env was set to 1001 even though I have it as 1002 in my compose file. My watchtower logs show it updated radarr a few days ago, maybe watchtower re-launched the container without the env settings? Not sure, will have to test more, but doesn't seem to be this image.