The 3006.3 release has /home/salt owned by root, causing crash at startup

[evonzee]

Describe the bug
In the 3006.2 release, the /home/salt directory was owned by the salt user:

root@f6964e308ee1:/home/salt# ls -la
total 32
drwxrwxr-x 1 salt salt 4096 Aug 10 20:10 .
drwxr-xr-x 1 root root 4096 Aug 10 20:09 ..
-rw-r--r-- 1 salt salt  220 Jan  6  2022 .bash_logout
-rw-r--r-- 1 salt salt 3771 Jan  6  2022 .bashrc
drwxrwxr-x 3 salt salt 4096 Aug 10 20:10 .cache
-rw-r--r-- 1 salt salt  849 Aug 10 20:09 .profile
drwxr-xr-x 7 root root 4096 Aug 10 20:10 data
root@f6964e308ee1:/home/salt# exit

However, in the 3006.3 release, this directory is now owned by root:

root@48671de9e0fb:/home/salt# ls -la
total 28
drwxr-x--- 1 root root 4096 Sep  8 11:46 .
drwxr-xr-x 1 root root 4096 Sep  8 11:46 ..
-rw-r--r-- 1 root root  220 Jan  6  2022 .bash_logout
-rw-r--r-- 1 root root 3771 Jan  6  2022 .bashrc
-rw-r--r-- 1 root root  849 Sep  8 11:46 .profile
drwxr-xr-x 7 root root 4096 Sep  8 11:46 data

This causes the system to fail to startup, since the salt user cannot cd to /home/salt:

2023-09-14 18:03:06,255 INFO supervisord started with pid 1
2023-09-14 18:03:07,257 INFO spawned: 'salt-master' with pid 99
2023-09-14 18:03:07,259 INFO spawned: 'cron' with pid 100
supervisor: couldn't chdir to /home/salt: EACCES
supervisor: child process was not spawned
2023-09-14 18:03:07,262 INFO exited: salt-master (exit status 127; not expected)
2023-09-14 18:03:08,264 INFO spawned: 'salt-master' with pid 101
2023-09-14 18:03:08,265 INFO success: cron entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
supervisor: couldn't chdir to /home/salt: EACCES
supervisor: child process was not spawned
2023-09-14 18:03:08,269 INFO exited: salt-master (exit status 127; not expected)
2023-09-14 18:03:10,273 INFO spawned: 'salt-master' with pid 102
supervisor: couldn't chdir to /home/salt: EACCES
supervisor: child process was not spawned
2023-09-14 18:03:10,279 INFO exited: salt-master (exit status 127; not expected)
^C2023-09-14 18:03:11,280 WARN received SIGINT indicating exit request
2023-09-14 18:03:11,281 INFO waiting for salt-master, cron to die
2023-09-14 18:03:11,281 INFO stopped: cron (terminated by SIGTERM)

To Reproduce
Steps to reproduce the behavior:

1. Just run docker: docker run --rm -ti cdalvaro/docker-salt-master:3006.3

Expected behavior
salt-master starts up

Additional info
The full log with the outputted error.

[INFO] - Configuring directories ...
'/srv' -> '/home/salt/data/srv'
'/var/log/salt' -> '/home/salt/data/logs/salt'
[INFO] - Configuring logrotate ...
[INFO] - Configuring container timezone ...
[INFO] - Setting TimeZone -> UTC ...
[INFO] - Configuring salt-master service ...
[INFO] - Configuring 3rd-party salt-formulas ...
[INFO] - Setting up salt keys ...
[INFO] -  ==> Setting up master keys ...
[INFO] - Generating master keys ...
Error: Write access denied to "/home/salt/data/keys" for user "salt".
[INFO] -  ==> Setting up GPG keys ...
[INFO] - Could not find GPG keys. GPG setup skipped.
[INFO] - Setting up salt keys permissions ...
Salt Version:
          Salt: 3006.3

Python Version:
        Python: 3.10.13 (main, Sep  6 2023, 02:11:27) [GCC 11.2.0]

Dependency Versions:
          cffi: 1.14.6
      cherrypy: 18.6.1
      dateutil: 2.8.1
     docker-py: Not Installed
         gitdb: Not Installed
     gitpython: Not Installed
        Jinja2: 3.1.2
       libgit2: 1.6.4
  looseversion: 1.0.2
      M2Crypto: Not Installed
          Mako: Not Installed
       msgpack: 1.0.2
  msgpack-pure: Not Installed
  mysql-python: Not Installed
     packaging: 22.0
     pycparser: 2.21
      pycrypto: Not Installed
  pycryptodome: 3.9.8
        pygit2: 1.12.2
  python-gnupg: 0.4.8
        PyYAML: 6.0.1
         PyZMQ: 23.2.0
        relenv: 0.13.10
         smmap: Not Installed
       timelib: 0.2.4
       Tornado: 4.5.3
           ZMQ: 4.3.4

System Versions:
          dist: ubuntu 22.04.3 jammy
        locale: utf-8
       machine: x86_64
       release: 6.5.2-arch1-1
        system: Linux
       version: Ubuntu 22.04.3 jammy

[INFO] - Starting supervisord ...
2023-09-14 18:04:53,145 INFO Included extra file "/etc/supervisor/conf.d/cron.conf" during parsing
2023-09-14 18:04:53,145 INFO Included extra file "/etc/supervisor/conf.d/salt-master.conf" during parsing
2023-09-14 18:04:53,145 INFO Set uid to user 0 succeeded
2023-09-14 18:04:53,148 INFO RPC interface 'supervisor' initialized
2023-09-14 18:04:53,148 CRIT Server 'unix_http_server' running without any HTTP authentication checking
2023-09-14 18:04:53,148 INFO supervisord started with pid 1
2023-09-14 18:04:54,150 INFO spawned: 'salt-master' with pid 99
2023-09-14 18:04:54,151 INFO spawned: 'cron' with pid 100
supervisor: couldn't chdir to /home/salt: EACCES
supervisor: child process was not spawned
2023-09-14 18:04:54,154 INFO exited: salt-master (exit status 127; not expected)
2023-09-14 18:04:55,157 INFO spawned: 'salt-master' with pid 101
2023-09-14 18:04:55,158 INFO success: cron entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
supervisor: couldn't chdir to /home/salt: EACCES
supervisor: child process was not spawned
2023-09-14 18:04:55,163 INFO exited: salt-master (exit status 127; not expected)
2023-09-14 18:04:57,167 INFO spawned: 'salt-master' with pid 102
supervisor: couldn't chdir to /home/salt: EACCES
supervisor: child process was not spawned
2023-09-14 18:04:57,173 INFO exited: salt-master (exit status 127; not expected)
2023-09-14 18:05:00,178 INFO spawned: 'salt-master' with pid 103
supervisor: couldn't chdir to /home/salt: EACCES
supervisor: child process was not spawned
2023-09-14 18:05:00,183 INFO exited: salt-master (exit status 127; not expected)
2023-09-14 18:05:01,184 INFO gave up: salt-master entered FATAL state, too many start retries too quickly

Version report (please complete the following information):

• Host OS:
  • Linux aragorn 6.5.2-arch1-1 # 1 SMP PREEMPT_DYNAMIC Wed, 06 Sep 2023 21:01:01 +0000 x86_64 GNU/Linux
  • Linux cluster-pi-3 6.1.21-v8+ #1642 SMP PREEMPT Mon Apr 3 17:24:16 BST 2023 aarch64 GNU/Linux
• Docker:
  • Docker version 24.0.5, build ced0996600
  • k3s version v1.27.3+k3s1 (fe9604ca)
• Image tag:
  • 3006.3

Additional context
Add any other context about the problem here.

[cdalvaro]

Thank you for reporting this issue @evonzee!

I've been running this image with no problems, but testing an empty installation is enough to reproduce the issue.

I'll try to fix it asap!

[cdalvaro]

I've figured out why my instance was working with the latest version without issues. I map the salt's user PUID and PGID with my host machine. As it is explained here: https://github.com/cdalvaro/docker-salt-master#host-mapping

However, I've patched the image to set the right permissions for the salt's home directory after installing salt. So now it is not necessary to set PUID and PGID for the container to start up properly.

Please, let me know if you are still having issues.

[evonzee]

Thanks so much for the quick fix! I have confirmed that it's now working properly on my k3s cluster.