Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permission denied on start #226

Closed
Moulde opened this issue Feb 3, 2024 · 5 comments · Fixed by #229
Closed

Permission denied on start #226

Moulde opened this issue Feb 3, 2024 · 5 comments · Fixed by #229
Assignees
@cdalvaro
Labels
bug Something isn't working

Comments

@Moulde
Copy link

Moulde commented Feb 3, 2024

Describe the bug
When i try to start the container using the docker-compose file, I get permission denied errors
I also tried starting the container with this command, but same output.

docker run --name salt_stack -it --rm \
    --publish 4505:4505 --publish 4506:4506 \
    --env "PUID=$(id -u)" --env "PGID=$(id -g)" \
    --volume $(pwd)/roots/:/home/salt/data/srv/ \
    --volume $(pwd)/keys/:/home/salt/data/keys/ \
    ghcr.io/cdalvaro/docker-salt-master:latest

To Reproduce
Clone repo and do docker-compose up

Expected behavior
The container should generate keys etc and start.

Additional info

[+] Building 0.0s (0/0)                                                                                      
[+] Running 1/0
 ✔ Container salt_master  Created                                                                       0.0s 
Attaching to salt_master
salt_master  | [INFO] - Configuring directories ...
salt_master  | '/srv' -> '/home/salt/data/srv'
salt_master  | '/var/log/salt' -> '/home/salt/data/logs/salt'
salt_master  | [INFO] - Configuring logrotate ...
salt_master  | [INFO] - Configuring container timezone ...
salt_master  | [INFO] - Setting TimeZone -> Europe/Madrid ...
salt_master  | [INFO] - Configuring salt-master service ...
salt_master  | [INFO] - Configuring 3rd-party salt-formulas ...
salt_master  | [INFO] - Setting up salt keys ...
salt_master  | [INFO] -  ==> Setting up master keys ...
salt_master  | [INFO] - Generating master keys ...
salt_master  | Error: [Errno 13] Permission denied: '/home/salt/data/keys/master.pem'
salt_master  | [INFO] -  ==> Setting up GPG keys ...
salt_master  | [INFO] - Could not find GPG keys. GPG setup skipped.
salt_master  | [INFO] - Setting up salt keys permissions ...
salt_master  | chmod: changing permissions of '/home/salt/data/keys/master.pem': Permission denied
salt_master exited with code 1
salt_master  | chown: changing ownership of '/home/salt/data/keys/master.pem': Permission denied
salt_master exited with code 1
salt_master  | chown: changing ownership of '/home/salt/data/keys/master.pem': Permission denied
salt_master exited with code 1
salt_master  | chown: changing ownership of '/home/salt/data/keys/master.pem': Permission denied
salt_master exited with code 1
salt_master  | chown: changing ownership of '/home/salt/data/keys/master.pem': Permission denied

Version report (please complete the following information):

  • Host OS: [e.g. uname -a]
    Darwin MBP 23.2.0 Darwin Kernel Version 23.2.0: Wed Nov 15 21:55:06 PST 2023; root:xnu-10002.61.3~2/RELEASE_ARM64_T6020 arm64
  • Docker: [e.g. docker --version]
    Docker version 25.0.2, build 29cf629
  • Image tag: [e.g. 3006.6]
    ghcr.io/cdalvaro/docker-salt-master:latest

Additional context
Add any other context about the problem here.
@Moulde Moulde added the bug Something isn't working label Feb 3, 2024
@cdalvaro
Copy link
Owner

cdalvaro commented Feb 3, 2024

Hi, @Moulde! Thank you for opening this issue!

First of all, check that your keys directory has the right permissions:

sudo chown $(id -u):$(id -g) keys
chmod 644 keys

If you still having issues after this, tell me and I'll check it more carefully!

@cdalvaro
Copy link
Owner

cdalvaro commented Feb 6, 2024

Hi, @Moulde! Thank you for opening this issue!

First of all, check that your keys directory has the right permissions:

sudo chown $(id -u):$(id -g) keys
chmod 644 keys

If you still having issues after this, tell me and I'll check it more carefully!

Hi @Moulde! Did that work??

@Moulde
Copy link
Author

Moulde commented Feb 27, 2024
edited
Loading

Hi @cdalvaro sorry about the delay. I was not able to get it to work.

I keep getting permission errors for the master.pem file.

✔ Container salt_master  Created                                                                 0.0s 
Attaching to salt_master
salt_master  | [INFO] - Configuring directories ...
salt_master  | '/srv' -> '/home/salt/data/srv'
salt_master  | '/var/log/salt' -> '/home/salt/data/logs/salt'
salt_master  | [INFO] - Configuring logrotate ...
salt_master  | [INFO] - Configuring container timezone ...
salt_master  | [INFO] - Setting TimeZone -> Europe/Madrid ...
salt_master  | [INFO] - Configuring salt-master service ...
salt_master  | [INFO] - Configuring 3rd-party salt-formulas ...
salt_master  | [INFO] - Setting up salt keys ...
salt_master  | [INFO] -  ==> Setting up master keys ...
salt_master  | [INFO] - Generating master keys ...
salt_master  | Error: [Errno 13] Permission denied: '/home/salt/data/keys/master.pem'
salt_master  | [INFO] -  ==> Setting up GPG keys ...
salt_master  | [INFO] - Could not find GPG keys. GPG setup skipped.
salt_master  | [INFO] - Setting up salt keys permissions ...
salt_master  | chmod: changing permissions of '/home/salt/data/keys/master.pem': Permission denied
salt_master exited with code 1
salt_master  | chown: changing ownership of '/home/salt/data/keys/master.pem': Permission denied
salt_master exited with code 1
salt_master  | chown: changing ownership of '/home/salt/data/keys/master.pem': Permission denied
salt_master exited with code 1
salt_master  | chown: changing ownership of '/home/salt/data/keys/master.pem': Permission denied
salt_master exited with code 1

I successfully changed ownership of keys dir with chown, but when i go into the container docker-compose run master bash, the master.pem is still owned by root, and I am unable to change the ownership to salt:salt, getting the same error as in the above output Permission denied.

docker-salt-master git:(main) docker-compose run master bash 
root@72d88de96642:/home/salt# cd data/keys/
root@72d88de96642:/home/salt/data/keys# ls -la
total 12
drwxr-xr-x 5 salt salt  160 Feb 27 10:54 .
drwxr-xr-x 7 root root 4096 Feb  1 19:11 ..
-r-------- 1 root root 1678 Feb 27 10:54 master.pem
-rw-r--r-- 1 salt salt  450 Feb 27 10:54 master.pub
drwxr-xr-x 2 salt salt   64 Feb 27 10:54 minions
root@72d88de96642:/home/salt/data/keys# chown salt:salt master.pem 
chown: changing ownership of 'master.pem': Permission denied
root@72d88de96642:/home/salt/data/keys# sudo chown salt:salt master.pem 
chown: changing ownership of 'master.pem': Permission denied

@cdalvaro cdalvaro reopened this Feb 27, 2024
@cdalvaro cdalvaro mentioned this issue Feb 28, 2024
Merged
@cdalvaro
Copy link
Owner

This seems to be related with: saltstack/salt#65093

But it only happens on macOS.

cdalvaro added a commit that referenced this issue Feb 29, 2024
@cdalvaro
fix: Use temporary directory when creating keys
d8c0239 
There is an issue related with salt-key and using a mounted directory as destination.

See issue Permission denied on start #226
cdalvaro added a commit that referenced this issue Feb 29, 2024
@cdalvaro
fix: Use temporary directory when creating keys
64d525b 
There is an issue related with salt-key and using a mounted directory as destination.

See issue Permission denied on start #226
cdalvaro added a commit that referenced this issue Feb 29, 2024
@cdalvaro
fix: Use temporary directory when creating keys
4b938e5 
There is an issue related with salt-key and using a mounted directory as destination.

See issue Permission denied on start #226
cdalvaro added a commit that referenced this issue Feb 29, 2024
@cdalvaro
fix: Use temporary directory when creating keys
882f9a5 
There is an issue related with salt-key and using a mounted directory as destination.

See issue Permission denied on start #226
cdalvaro added a commit that referenced this issue Feb 29, 2024
@cdalvaro
fix: Use temporary directory when creating keys
344d99a 
There is an issue related with salt-key and using a mounted directory as destination.

See issue Permission denied on start #226
cdalvaro added a commit that referenced this issue Feb 29, 2024
@cdalvaro
fix: Use temporary directory when creating keys
e8537b4 
There is an issue related with salt-key and using a mounted directory as destination.

See issue Permission denied on start #226
@cdalvaro
Copy link
Owner

Hi @Moulde, this issue should be fixed in image 3006.7_1.

Please let me know if the issue persists.

And thank you for opening this issue!

@bensteinberg bensteinberg mentioned this issue May 30, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cdalvaro cdalvaro

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix a bug setting keys directory permissions cdalvaro/docker-salt-master
2 participants
@Moulde @cdalvaro