New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The fix-permissions script must be re-run on $HOME after various setup. #547
Comments
@parente I will be starting on a PR for this tomorrow. Warn me if already done work on it. |
@GrahamDumpleton Thanks for the heads up. I've not many cycles to spare on any docker-stacks work for the past week or so, so please, have at it. My only thought on this issue is that some of those folders created in |
Of interest, just removing the Before.
After.
|
There is a potential conflict between packages in
If this means different versions of packages are being pulled down to replace existing ones, then it only serves to bloat out the A separate issue should perhaps be created to investigate this and avoid downgrading of packages if possible. |
The
And some removed, which will not actually save any space.
|
In |
Saving on size in
and after
So almost 400MB on image size by The before size is already based on the trimmed |
yeah, none of the build artifacts should be left in HOME. In fact, there should be hardly anything in $HOME in all of our images (no config, no packages, etc.), so ~any file created in $HOME should be considered a bug in the line that creates it. My guess is that the majority of it is happening in the jupyterlab build step. I don't believe the fix is to run fix-permissions on $HOME, but instead delete the cached artifacts. As for downgrades, it's likely happening because of some compatibility in downstream packages (e.g. the R kernel package linking an older libzmq to the latest pyzmq), which should generally be fixed when downstream packages update. Identifying which ones are causing this would be useful, though. |
It is not entirely true that everything in |
Fixed by #555. |
What docker image you are using?
All of the following images are affected in some way.
What is the problem?
The
fix-permissions
script is run on the$HOME
directory once inDockerfile
forbase-notebook
, and in one special case inscipy-notebook
. This is not enough.The
fix-permissions
script needs to be run after any commands which could result in per user config or cache files being written to the home directory of the user. Because this isn't done in many cases, the per user config or cache directories are not writable to group.For example from
minimal-notebook
.The
.cache
,.conda
,.local
and.yarn
directories are not group writable, and neither would files in them.This will cause commands to fail later which want to write to those directories if running as an assigned user ID and relying on supplemental groups set when running the image, to be able to write to them.
The
fix-permissions
command should be run on$HOME
after all commands to install packages that use these directories. For example afterconda
is run, but most likely others as well.The text was updated successfully, but these errors were encountered: