Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Directory ownership test fails with docker #1777

Closed
mgsloan opened this issue Feb 11, 2016 · 6 comments
Closed

Directory ownership test fails with docker #1777

mgsloan opened this issue Feb 11, 2016 · 6 comments
Assignees
@sjakobi
Labels
component: docker type: bug
Milestone
P1: Must

Comments

@mgsloan
Copy link
Contributor

mgsloan commented Feb 11, 2016

stack build in a repo that builds in a docker container results in

You are not the owner of '/home/mgsloan/.stack/'. Aborting to protect file permissions.
Retry with '--allow-different-user' to disable this precaution.

Despite me owning that folder. stack exec --allow-different-user -- whoami reports stack, and stack exec --allow-different-user -- ls -la /home/mgsloan shows a .stack folder owned by stack, so I'm not sure what's going wrong here. I haven't looked at the code yet, could be something simple.

Docker is discussed a bit in the PR - #1599 - but I didn't test it.
@mgsloan mgsloan added this to the P1: Must milestone Feb 11, 2016
@mgsloan
Copy link
Contributor Author

mgsloan commented Feb 11, 2016

Pinging @sjakobi

@sjakobi
Copy link
Member

sjakobi commented Feb 11, 2016

I should have done some testing with Docker in the first place…

I just reproduced the bug on my system but don't currently have the time to look into this more closely. I'd propose that I revert my commits (2c2e15a and 260ea31) and look into this next week.

@mgsloan
Copy link
Contributor Author

mgsloan commented Feb 11, 2016

@sjakobi No worries, that's why it's a development branch! I've reverted the merge. This means that your new PR should start with reverting the revert, via git revert 0a89c9c29d744a4955e62b59774036e98d6b1e8e (as described in "reverting the revert" here).

mgsloan referenced this issue Feb 11, 2016
@mgsloan
Revert "Merge pull request #1599 from sjakobi/471-check-for-sudo"
0a89c9c 
This reverts commit 964db1c, reversing
changes made to 0ced61d.
@sjakobi
Copy link
Member

sjakobi commented Feb 11, 2016

Thanks! I've also reverted the relevant changelog edit
(260ea31).

2016-02-12 0:23 GMT+01:00 Michael Sloan [email protected]:

@sjakobi https://github.com/sjakobi No worries, that's why it's a
development branch! I've reverted the merge. This means that your new PR
should start with the commit that's created by reverting the revert, via git
revert 0a89c9c (as described in
"reverting the revert" here
https://git-scm.com/blog/2010/03/02/undoing-merges.html).


Reply to this email directly or view it on GitHub
#1777 (comment)
.

@borsboom
Copy link
Contributor

My guess is that the ownership test is being done by the stack process in the container before it has setuid itself to the the host user (since processes in Docker containers run as root by default). The simplest solution is probably to disable the check when re-spawned in Docker (use Stack.Docker.getInContainer to check).

@mgsloan
Copy link
Contributor Author

mgsloan commented Feb 12, 2016

That makes sense. The checks for the outer stack invocation work, but not the inner. I did a little bit of print debugging yesterday, and stack thought it was user 0, whereas ~/.stack is owned by user 1000.

@sjakobi sjakobi mentioned this issue Feb 17, 2016
Merged
mgsloan added a commit that referenced this issue Feb 18, 2016
@mgsloan
Merge pull request #1801 from sjakobi/471-once-again
5f41d21 
Add 'allow-different-user' flag and configuration option #471, fix #1777
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sjakobi sjakobi

Labels
component: docker type: bug
Projects
None yet
Milestone
P1: Must
Development

No branches or pull requests
3 participants
@mgsloan @borsboom @sjakobi