I’m trying to setup my first homeserver with pods alone but I can’t add my mounted /data (it’s an external HDD) folder to the root folder, but the /app and /config works. It’s a common issue but somehow I wasn’t able to solve it.
OS: Rocky Linux 9.3
External HDD (WD Elements)
external HDD in /etc/fstab:
# WD Elements drive
UUID=4655386a-5ccf-4c7b-ad6a-c0b90ccf8454 /home/privatenoob/media/storage1 xfs defaults 0 0
radarr.service:
[Unit]
Description=Radarr Movie Server
After=network.target
[Service]
ExecStart=podman run --name=radarr -e PUID=1000 -e PGID=1000 -e UMASK=002 -p 7878:7878 -v radarr-config:/config -v /home/privatenoob/media/storage1/Filmek:/data --restart unless-stopped lscr.io/linuxserver/radarr:latest
ExecStop=podman stop radarr
Restart=on-failure
[Install]
WantedBy=default.target
Permissions:
drwxr-xr-x. 2 privatenoob privatenoob 6 Jan 17 16:52 Filmek
drwxr-xr-x 4 abc users 139 Jan 18 19:44 config
drwxr-xr-x 2 root root 6 Jan 17 15:52 data
chown -R 1000:1000 /data didn’t work. It gave permission denied, even though I used root (probably this is because of -e PUID=1000?)
I’m doing rootless most likely, I just use the default Rocky Linux 9 setup with the Container Tools option turned on while the setup process. This didn’t work either for me. Did you start the service in sudo systemctl or in systemctl --user mode? Thanks for your help!
Hey, sorry for the late reply. I am running rootless using a dedicated user, so I use systemctl --user to control the container.
From what I understand, when running rootless the root user inside the container correlates to the outside user (which is running the container), in terms of permissions. The external directories I bind mount into the container as externally owned by my dedicated user, so that the root user inside the container owns them (inside the container).
There are a few ways around it. The simplest is to add the --privileged option.
The more secure method with podman is by specifying a user (ex -u 10001:10001) from your extended subuid:subgid range after your full and proper setup of rootless podman :-)
Then instead of chown you’ll want to use the oddly named podman unshare tool to automatically set the permissions of the host directory. You would then want to start your service with systemctl --user instead of sudo systemctl
This denotes the range of subuids that are available to your user.
-u 100000:65536
This part specifies two things ([UID]:[GID]) even though it’s the same syntax as the earlier part that specifies one range :)
I suspect what you will want to do is use the following:
# change ownership of the directory to the UID:GID that matches something in your subuid:subgid range, in this case 10000:10000
podman unshare chown -R 100000:10000 /home/privatenoob/media/storage1/Filmek/
Then we can specify that the user in the container can match the user (UID) we specified above:
As a note, if you copy/pasted that ExecStart line, you might have gotten the invalid argument error because you entered 100000 (outside of your subuid range, i.e. >65536) instead of 10000.
There’s a nice guide that gives a great walkthrough. I’ll dig through my bookmarks and add it here when I get some time.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
New Lemmy Post: Radarr: Path: Folder ‘/data/’ is not writable by user ‘abc’ (https://lemmy.world/post/10881873)
Tagging: #SelfHosted
(Replying in the OP of this thread (NOT THIS BOT!) will appear as a comment in the lemmy discussion.)
I am a FOSS bot. Check my README: https://github.com/db0/lemmy-tagginator/blob/main/README.md
bad bot
Drop the / in “/data” for the chown command. Now it is looking for a data folder in root, and not the one in “Filmek”.
Don’t know if it will help with your issue thou
Try running the chown outside of the container:
chown -R 1000:1000 /home/privatenoob/media/storage1/FilmekDoesn’t work either with both running this before starting/building the container and also while running it. Thanks for the help tho!
Are you doing rootless or rootfull podman? I am doing rootless and I have the following in my radarr container - PUID=0 PGID=0
I’m doing rootless most likely, I just use the default Rocky Linux 9 setup with the Container Tools option turned on while the setup process. This didn’t work either for me. Did you start the service in
sudo systemctlor insystemctl --usermode? Thanks for your help!Hey, sorry for the late reply. I am running rootless using a dedicated user, so I use
systemctl --userto control the container. From what I understand, when running rootless the root user inside the container correlates to the outside user (which is running the container), in terms of permissions. The external directories I bind mount into the container as externally owned by my dedicated user, so that the root user inside the container owns them (inside the container).There are a few ways around it. The simplest is to add the
--privilegedoption.The more secure method with podman is by specifying a user (ex
-u 10001:10001) from your extended subuid:subgid range after your full and proper setup of rootless podman :-)Then instead of
chownyou’ll want to use the oddly namedpodman unsharetool to automatically set the permissions of the host directory. You would then want to start your service withsystemctl --userinstead ofsudo systemctlOkay so I’ve done these steps (it seems rootless podman have been setup by Rocky automatically):
privatenoob:100000:655362.:Changed ExecStart to this:
ExecStart=podman run --name=radarr -u 100000:65536 -p 7878:7878 -v radarr-config:/config -v /home/privatenoob/media/storage1/Filmek:/data --restart unless-stopped lscr.io/linuxserver/radarr:latest3.:
podman unshare chown -R 100000:65536 /home/privatenoob/media/storage1/Filmek/Unfortunately unsharing gave me invalid arguments.
chown: changing ownership of '/home/privatenoob/media/storage1/Filmek/': Invalid argumentI have tried by leaving the -e PUID=1000 parts on but those didn’t work either. Yeah and I’m using systemctl --user. Thanks for your help!
Ah! I think I see the confusion.
This denotes the range of subuids that are available to your user.
This part specifies two things ([UID]:[GID]) even though it’s the same syntax as the earlier part that specifies one range :)
I suspect what you will want to do is use the following:
Then we can specify that the user in the container can match the user (UID) we specified above:
As a note, if you copy/pasted that ExecStart line, you might have gotten the invalid argument error because you entered
100000(outside of your subuid range, i.e. >65536) instead of10000.There’s a nice guide that gives a great walkthrough. I’ll dig through my bookmarks and add it here when I get some time.
Hope this helps!
On my OpenSuse server I had to add :Z after /data in the bind, dont know if it applies to your setup, but it is easy to test and see if it works
It doesn’t even start unfortunately, but thanks for your help tho!