Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. localstorage plugin, permission issue

localstorage plugin, permission issue

Scheduled Pinned Locked Moved Solved Support
9 Posts 4 Posters 321 Views 4 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • E Offline
    E Offline
    ekevu123
    wrote on last edited by
    #1

    I am setting up a new app in python using the localstorage plugin. I can access the /app/data folder, but it has these permissions:

    drwxr-xr-x 2 root root 4096 Apr 30 05:37 /app/data
    

    I believe, this explains why I am having a permission issue when my app tries to write into it? I could probably ssh into the server and change it there, but do I have to or can I set up my app in a certain way to get it right from the beginning, for example, when I re-install the app?

    The CloudronManifest references the addon:

      "addons": {
        "localstorage": {},
    
    1 Reply Last reply
    0
    • BrutalBirdieB Offline
      BrutalBirdieB Offline
      BrutalBirdie
      Partner
      wrote on last edited by
      #2

      @ekevu123 said in localstorage plugin, permission issue:

      I believe, this explains why I am having a permission issue when my app tries to write into it?

      Since you are running a custom python application, how do you start the python application inside the app?
      If there is a permission issue, I assume the user who starts the python process is not root, thus the permission issue.

      If you could share your custom applications code, that be very useful.
      But, if the app is already running on a Cloudron server, use the Web Terminal and ps uax and check what user is running the python process.

      Like my work? Consider donating a drink. Cheers!

      1 Reply Last reply
      0
      • E Offline
        E Offline
        ekevu123
        wrote on last edited by
        #3

        Yes, that could be it.

        ps uax
        USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
        cloudron       1  0.3  0.5 778012 176572 pts/0   Ssl+ 11:33   0:08 /usr/bin/python3.12 /usr/local/bin/uvicorn main:app --host 0.0.0.0 --port 4000 --limit-co
        cloudron      26  0.3  0.0   5044  3968 pts/1    Ss   12:17   0:00 /bin/bash
        cloudron      38  0.0  0.0   7480  3072 pts/1    R+   12:17   0:00 ps uax
        

        The startup script runs exec uvicorn main:app with arguments.

        The Dockerfile defines

        USER cloudron
        

        which was a guess after different options didn't work before.

        How is it supposed to look? I am assuming my app shouldn't run in root, so how do I align these?

        1 Reply Last reply
        0
        • BrutalBirdieB Offline
          BrutalBirdieB Offline
          BrutalBirdie
          Partner
          wrote on last edited by
          #4

          You could simply add a chown in your Dockerfile:

          RUN chown -R cloudron:cloudron /app/data/
          

          This way /app/data/ is owned by user and group cloudron and should have RWX access.

          Like my work? Consider donating a drink. Cheers!

          1 Reply Last reply
          0
          • nebulonN Away
            nebulonN Away
            nebulon
            Staff
            wrote on last edited by
            #5

            So the chown in the docker image will not help here, since /app/data is mounted as a read+write volume and will thus not be part of the image itself. Hence things done in the Dockerfile will not affect the permissions of files in /app/data

            To change permissions or ownership, the chown has to be done in the app startup script. Usually start.sh.

            1 Reply Last reply
            2
            • BrutalBirdieB Offline
              BrutalBirdieB Offline
              BrutalBirdie
              Partner
              wrote on last edited by
              #6

              Ah yes, I mix that up again and again 😄

              Like my work? Consider donating a drink. Cheers!

              1 Reply Last reply
              0
              • E Offline
                E Offline
                ekevu123
                wrote on last edited by
                #7

                If I put it in the startup script, it says in the cloudron logs

                Operation not permitted
                
                J 1 Reply Last reply
                0
                • E ekevu123

                  If I put it in the startup script, it says in the cloudron logs

                  Operation not permitted
                  
                  J Online
                  J Online
                  joseph
                  Staff
                  wrote on last edited by
                  #8

                  @ekevu123 the way the packages do it is to ensure the start.sh runs as root. You can do this by USER root in the Dockerfile and then in start.sh , you can run your app with gosu cloudron:cloudron command-to-run-app .

                  1 Reply Last reply
                  0
                  • E Offline
                    E Offline
                    ekevu123
                    wrote on last edited by
                    #9

                    Thank you, that has resolved the issue!

                    1 Reply Last reply
                    0
                    • J joseph marked this topic as a question on
                    • J joseph has marked this topic as solved on
                    Reply
                    • Reply as topic
                    Log in to reply
                    • Oldest to Newest
                    • Newest to Oldest
                    • Most Votes


                    • Login

                    • Don't have an account? Register

                    • Login or register to search.
                    • First post
                      Last post
                    0
                    • Categories
                    • Recent
                    • Tags
                    • Popular
                    • Bookmarks
                    • Search