error stat .stfolder docker container

vihu · October 2, 2020, 8:36pm

Apologies if this is a duplicate (pretty sure it is as there are several .stfolder permission issue topics) but I’d like to ask here anyway since I haven’t been able to figure it out quite yet.

So the idea is to sync the /var/lib/docker/volumes folder from the server to the client.

Server Side (send only setup, using linuxserver/syncthing:latest img):

syncthing running in a docker container
with a write permission bind mount at /var/lib/docker/volumes (this is the folder I want to sync on the client side, it’s just my docker volumes for other containers essentially)
/var/lib/docker/volumes is mounted inside the container at /docker-volumes

Client Side (recv only setup, using linuxserver/syncthing:latest img):

rpi running syncthing, in an openmediavault container setup

Server Side syncthing container perms:

PUID: 1000
PGID: 100

I can confirm that when I log into the syncthing container, I am able to create files/dirs in the /var/lib/docker/volumes mounted folder.

Server side container id output:

uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel),11(floppy),20(dialout),26(tape),27(video)

I have tried creating .stfolder and .stignore manually inside the container under /docker-volumes and can confirm that works as well, but syncthing still appears to spew out the following errors:

2020-10-02 13:22:51: Loading ignores: lstat /docker-volumes/.stignore: permission denied

2020-10-02 13:22:51: Failed to create folder marker: stat /docker-volumes/.stfolder: permission denied

2020-10-02 13:22:51: Error on folder "docker-volume-backup" (acbd-efgh): stat /docker-volumes/.stfolder: permission denied

Appreciate any help, thanks!

AudriusButkevicius · October 2, 2020, 8:47pm

Have you verified what user syncthing runs as? I don’t think any of our containers run as root.

AudriusButkevicius · October 2, 2020, 8:48pm

Yet from the logs, it seems that syncthing can’t even list the directory content (listing directory content requires execute permission I believe)

vihu · October 2, 2020, 9:07pm

If it helps here is the ENV that I provided to the server side syncthing container:

vihu · October 2, 2020, 9:16pm

Ok, this is useful. I think I may have found the issue. I’ll report back if providing the perms work

AudriusButkevicius · October 2, 2020, 9:35pm

Your id command returns root, and the PUID/PGID is 1000, so I think you are running syncthing as different users. ps output can confirm that.

vihu · October 2, 2020, 10:12pm

That was my bad, had executed the docker exec command without specifying a user. syncthing is running as user abc and appears to have the correct uid and gid as specified on container creation.

container id output:

uid=1000(abc) gid=1000(users) groups=1000(users)

container ps -aux output:

abc          233  0.0  0.0 724220 16032 ?        Ssl  21:09   0:00 syncthing -home=/config -no-browser -no-restart --gu
abc          256  0.4  0.4 795520 115960 ?       SNl  21:09   0:15 syncthing -home=/config -no-browser -no-restart --gu

I think the only problem is the executable perm as you mentioned earlier. I’m looking to resolve that shortly. Thanks for the prompt replies!

vihu · October 2, 2020, 10:19pm

Alright, I modified the perms to 755 on the host folder and that fixed things. Thanks again!

system · November 1, 2020, 10:19pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.