Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permissions inside container result in root owned files externally #1

Closed
hexylena opened this issue Jul 26, 2014 · 8 comments
Closed

Permissions inside container result in root owned files externally #1

hexylena opened this issue Jul 26, 2014 · 8 comments

Comments

@hexylena
Copy link
Collaborator

The notebook process runs as root internally, so whenever it generates checkpoints, those retain those permissions in the shared directory, and as a result cannot be cleaned up by galaxy.

hxr@emi:~/work/galaxy-central/database/tmp$ rm -rf *
rm: cannot remove ‘tmpfUhBgD/.ipynb_checkpoints/ipython_galaxy_notebook-checkpoint.ipynb’: Permission denied
rm: cannot remove ‘tmp_jH6Kz/.ipynb_checkpoints/ipython_galaxy_notebook-checkpoint.ipynb’: Permission denied
rm: cannot remove ‘tmpMmq8FU/.ipynb_checkpoints/ipython_galaxy_notebook-checkpoint.ipynb’: Permission denied
@bgruening
Copy link
Owner

I will try to get a workaround for it, but it seems hard at the moment. moby/moby#3124

@hexylena
Copy link
Collaborator Author

Hmmm, yeah that is tough. If there's a way we can pass the container our uid/gid and just chown the files, that might be an option.

@bgruening
Copy link
Owner

We could save them in /import/ and before we kill ipython (in the monitor_traffic script) we could chmod the entire /import/ directory.... uh dirty ...

@hexylena
Copy link
Collaborator Author

That's actually a decent suggestion:

  • The only time they need to be owned by galaxy, is whenever the temp folder is being cleaned up.
  • The temp files should not be cleaned while in use.
  • Once we're done with them, the system should be free to clean them.

Therefore, chowning them once we're done is perfectly acceptable. Thoughts?

@bgruening
Copy link
Owner

Thinking about that a little bit more, is there any reason why we can't delete all from within docker?

@hexylena
Copy link
Collaborator Author

No reason we couldn't do that, especially if we're doing persistence via creation of a new galaxy history element. Let's clean up properly after ourselves.

On July 26, 2014 1:35:59 PM CDT, "Björn Grüning" notifications@github.com wrote:

Thinking about that a little bit more, is there any reason why we can't
delete all from within docker?

Reply to this email directly or view it on GitHub:
#1 (comment)

Sent from my Android device with K-9 Mail. Please excuse my brevity.

@bgruening
Copy link
Owner

Let's see if that fixes the problem: 43c8ac8

@hexylena
Copy link
Collaborator Author

Works correctly except if the container was intentionally killed before shutdown. This is completely acceptable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hexylena @bgruening