You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So I'm trying to backup some Docker volume data using Duplicacy. Most of my containers run with my user so I have no permissions issue. A problem arise when a file is created as root from one of my containers. Caddy is doing that for a specific file in his /data/caddy/ocsp folder and I want to understand why. See this excerpt from ls -la /data/caddy/ocsp :
-rwxrwxr-- 1 1000 1000 313 May 30 16:24 duplicati.sh1n0sh4.stream-cce56a39
-rw------- 1 root root 313 May 30 16:31 duplicacy.sh1n0sh4.stream-44c33e42
-rwxrwxr-- 1 1000 1000 503 May 29 12:48 portainer.sh1n0sh4.stream-41c43ab1
-rwxrwxr-- 1 1000 1000 503 May 29 00:01 portainer.sh1n0sh4.stream-bd29b72f
What are these files ? Why the duplicacy one the only in root ? For the record I tried deleting it and restarting the container. It just gets recreated.
This is the user of the container apparently (I actually don't know how it gets UID 1000 because I didn't pass it but that's what I wanted so... Cool)
/data/caddy/ocsp $ id
uid=1000 gid=0(root)
Note that this all works otherwise fine (HTTPS, reverse proxing and stuff). You can find all the relevant files here.
Thanks
The text was updated successfully, but these errors were encountered:
LeonardMeyer
changed the title
Why the caddy creating a file as root in my ocsp folder ?
Why is Caddy creating a file as root in my ocsp folder ?
May 30, 2022
Caddy runs as root in Docker because it needs to bind to low ports, which requires elevated permissions. You'll need to modify your Dockerfile if you don't want it to run as root. But it shouldn't matter what user the files are owned by as long as Caddy can manipulate them.
So I'm trying to backup some Docker volume data using Duplicacy. Most of my containers run with my user so I have no permissions issue. A problem arise when a file is created as root from one of my containers. Caddy is doing that for a specific file in his
/data/caddy/ocsp
folder and I want to understand why. See this excerpt fromls -la /data/caddy/ocsp
:What are these files ? Why the duplicacy one the only in root ? For the record I tried deleting it and restarting the container. It just gets recreated.
This is the user of the container apparently (I actually don't know how it gets UID 1000 because I didn't pass it but that's what I wanted so... Cool)
Note that this all works otherwise fine (HTTPS, reverse proxing and stuff). You can find all the relevant files here.
Thanks
The text was updated successfully, but these errors were encountered: