Skip to content
This repository has been archived by the owner on Nov 24, 2022. It is now read-only.

Shared folders permission problem #151

Closed
fgrehm opened this issue Sep 28, 2013 · 15 comments
Closed

Shared folders permission problem #151

fgrehm opened this issue Sep 28, 2013 · 15 comments
Labels
Milestone

Comments

@fgrehm
Copy link
Owner

fgrehm commented Sep 28, 2013

While trying out this Ubuntu Raring Vagrant VBox VM, I stumbled across a pretty bad issue that messes up with shared folders permissions. The problem is that the vagrant user on that VBox VM has an uid of 900, but the base boxes containers ship with the vagrant user with the uid of 1000.

The reason why things works fine for most cases is that Debian-like distros uses 1000 as the initial user id which usually maps to the same user id on the host machine.

Unfortunately I have no idea how to mount the shared folder on the guest container with a different uid / gid, a solution might be to implement support for NFS Shared folders to work around that for those who face this problem but I'd need to double check that. If you are experiencing this, please raise your hand :)

@tknerr
Copy link

tknerr commented Sep 29, 2013

Same here. Output looks like this:

...
[sample-app] Chef 11.6.0 Omnibus package is already installed.
[sample-app] Configuring cache buckets...
The following SSH command responded with a non-zero exit status.
Vagrant assumes that this means the command failed!

mkdir -p /tmp/vagrant-cache/gem/1.9.1

Stdout from the command:



Stderr from the command:

mkdir: cannot create directory ‘/tmp/vagrant-cache/gem’: Permission denied

More:

@fgrehm
Copy link
Owner Author

fgrehm commented Sep 29, 2013

yeah, that also happened to me while using vagrant-cachier =/ I did some research last night and it seems that it is not possible to bind mount the folders using a different uid / gid.
Based on Vagrant's code I'd say NFS could fix that but I'd need to double check. The downside is that bind mounts performs a lot better than NFS =/

@fgrehm
Copy link
Owner Author

fgrehm commented Dec 9, 2013

For the record, I'm planning to add support for NFS on the next release of vagrant-lxc. I've been taking a break from it over the past month but I plan to release one more version before the end of the year.

@Restless-ET
Copy link

Hi @fgrehm

I was just wondering... are you still planning on releasing that new version (with NFS support) soon?

Kind regards

@fgrehm
Copy link
Owner Author

fgrehm commented Dec 26, 2013

@Restless-ET hopefully yes, I'm going on vacations starting on Jan 4th and if all goes well I'll be able to cut a new release with NFS in place before heading out :-)

@Restless-ET
Copy link

Glad to ear that, I'm really looking forward to the NFS support.
Wishes of a nice vacation. :)

Regards

@fgrehm
Copy link
Owner Author

fgrehm commented Jan 29, 2014

For the record, vagrant 1.5 will ship with rsync support as well and we'll be able to use as a workaround for this as well ;-)

@fgrehm
Copy link
Owner Author

fgrehm commented Feb 2, 2014

The next major version of the plugin will drop support for vagrant < 1.4 and will have support for NFS and rsync out of the box. I'm closing it in favor of GH-191

@fgrehm fgrehm closed this as completed Feb 2, 2014
fgrehm added a commit that referenced this issue Mar 14, 2014
@twolfson
Copy link

twolfson commented Apr 30, 2016

I'm not sure about other users but I am considering using vagrant-lxc because NFS and rsync are too slow for my needs. As a result, suggesting those as a workaround is backwards =/

As an alternative, I wrote a script to update the vagrant user's UID and GID to match the host machine's UID/GID. I wasn't able to use usermod (which would have made things much simpler) due to the host OS complaining about vagrant user being in use (even though it wasn't). Here's the script I am using in my Vagrantfile:

# Repair Vagrant UID/GID to match our current user
uid = `id -u`.strip()
gid = `id -g`.strip()
config.vm.provision "shell", inline: <<-EOF
  # Exit on first error
  set -e

  # Resolve our UID and GID
  src_uid="$(id -u vagrant)"
  target_uid="#{uid}"
  src_gid="$(id -g vagrant)"
  target_gid="#{gid}"

  # If the user and group ids are aligned, then exit early
  if test "$src_uid" = "$target_uid" && test "$src_gid" = "$target_gid"; then
    exit 0
  fi

  # Otherwise, update our user id and group id
  # DEV: We cannot use \`usermod\` as it complains about \`vagrant\` having a process
  # Example: UID=100; GID=101
  #  /etc/shadow: libuuid:x:100:101::/var/lib/libuuid:
  #  /etc/group: libuuid:x:101:
  sed -E "s/(vagrant:.:)$src_uid:$src_gid:/\\1$target_uid:$target_gid:/g" --in-place /etc/passwd
  sed -E "s/(vagrant:.:)$src_gid:/\\1$target_gid:/g" --in-place /etc/group

  # Update all files to the proper user and group
  find / -uid "$src_uid" -print0 2> /dev/null | grep --invert-match -E "^(/sys|/proc)" | xargs -0 chown "$target_uid"
  find / -gid "$src_gid" -print0 2> /dev/null | grep --invert-match -E "^(/sys|/proc)" | xargs -0 chgrp "$target_gid"
EOF

Edit: Added -print0/-0 (null delimiter) to find and xargs via #151 (comment)

@fgrehm
Copy link
Owner Author

fgrehm commented Dec 7, 2016

@twolfson I know it's been a while but you can also create a base box with the proper GID / UID 😄

@twolfson
Copy link

twolfson commented Dec 7, 2016

@fgrehm I think that would work for a single user but what if your team has multiple machines with different GID/UID =/

@fgrehm
Copy link
Owner Author

fgrehm commented Dec 7, 2016

oh yeah, that sucks. its been a while since I last done any LXC work but last time I looked into this NFS was the only way I could get it working

@twolfson
Copy link

twolfson commented Dec 8, 2016

After some searching, it looks like there's a id_map config that should work:

lxc/lxc#1176

https://linuxcontainers.org/lxc/manpages/man5/lxc.container.conf.5.html#lbBB

  config.vm.provider "lxc" do |lxc|
    config.vm.box = "fgrehm/trusty64-lxc"
    lxc.customize("id_map", "u 1000 1001 1")
    lxc.customize("id_map", "g 1000 1001 1")
    # Later on, use #{uid} with uid = `id -u`.strip() from previous iteration
  end

I tried to get it working but couldn't. Unfortunately, I'm out of time to explore it but thankfully the script I posted has been working well for me =)

@bryanlarsen
Copy link

@twolfson, your script appears to be working great for me. I had to add a '-print0' to the find script and use '-0' to xargs because we have some filenames with spaces. Thanks!

@twolfson
Copy link

Ah, null delimiter. Nice catch, I'll update the comment 👍

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

No branches or pull requests

5 participants