Open skellycode opened 1 month ago
Just ran into this as well, I think the worker node is trying to create /tmp/windmill/cache_nomount
, but it can't do that without root perms since /tmp/windmill
is most likely owned by root. Since /tmp/windmill/cache
and /tmp/windmill/logs
come mounted from the host, they're likely owned by the non-root user and therefore have no issue read/writing to them
Hitting this problem too.
As a note I'm checking on existing pods, the folders are there with correct permissions:
I have no name!@windmill-workers-6b96cfdb69-bm5sw:/usr/src/app$ ls -l /tmp/windmill
total 0
drwxr-xr-x 11 1000 1000 115 Aug 27 06:48 cache
drwxr-xr-x 4 1000 1000 31 Aug 27 06:48 cache_nomount
drwxr-xr-x 2 1000 1000 6 Aug 27 06:48 logs
drwxr-xr-x 3 1000 1000 50 Aug 27 06:48 wk-bm5sw-nrvwz
I have no name!@windmill-workers-6b96cfdb69-bm5sw:/usr/src/app$ ls -ld /tmp/windmill
drwxr-xr-x 6 1000 1000 95 Aug 27 06:48 /tmp/windmill
This is true at least until version 1.380.0
(helm chart 2.0.253
)
It must have changed how the main /tmp/windmill folder is created, possibly it's now done by root and then creating subfolders is denied for user 1000.
This is solved on latest and on next release 1.386.0. /tmp/windmill was created in Dockerfile and not chmod correctly
Describe the bug
When attempting to run windmill.dev with
user:
in the docker compose call, the following backtrace is produced:To reproduce
include
user: 1000:1000
(substitute for relavant UID/GID) in docker-compose.ymlExpected behavior
The ability to run windmill as an unprivileged container
Screenshots
No response
Browser information
No response
Application version
No response
Additional Context
No response