Community Packages

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#73814 - local .docker folder takes root ownership after each reboot

Attached to Project: Community Packages
Opened by Sunny Wong (ArchDoctor_needed) - Wednesday, 16 February 2022, 11:00 GMT
Last edited by Andreas Radke (AndyRTR) - Wednesday, 16 February 2022, 17:01 GMT
Task Type Bug Report
Category Packages
Status Assigned
Assigned To Lukas Fleischer (lfleischer)
S├ębastien Luttringer (seblu)
Morten Linderud (Foxboron)
Architecture x86_64
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 0
Private No

Details

Description:
Every time I reboot my system, the /home/<user>/.docker folder gets the root ownership, e.g:
drwx--x--- 14 root root 4096 Feb 16 11:43 .docker

When using a docker command, I get the warning:
WARNING: Error loading config file: /home/<user>/.docker/config.json: open /home/<user>/.docker/config.json: permission denied

My workaround currently is to switch to root and enter:
$ chown -R <user> /home/<user>/.docker/

But I don't know why this happens. I don't have this issue on other machines.

What I tried:
Removing docker using
$ pacman -Rsn docker
and
$ rm -r /home/<user>/.docker
reboot
installing docker again with
$ pacman -S docker
reboot
-> no change

Is there a way I can see which process does the change (and maybe why)?
On the stackexchange network I found the following to monitor the permissions
$ auditctl -w /home/<user>/.docker -p a
but it didn't work (didn't show anything in the log)
Probably because this happens during boot time


Additional info:
* Package version
Name : docker
Version : 1:20.10.12-1
Architecture : x86_64
Optional Deps : btrfs-progs: btrfs backend support [installed]
pigz: parallel gzip compressor support
docker-scan: vulnerability scanner
* pacman -Ss docker | grep installed
community/docker 1:20.10.12-1 [installed]
community/docker-compose 2.2.3-2 [installed]
community/python-docker 5.0.3-3 [installed]
community/python-docker-pycreds 0.4.0-9 [installed]
community/python-dockerpty 0.4.1-9 [installed]

Steps to reproduce:
* Installing docker
* having logged in user in the docker group
* restarting system
* ls -la ~/ | grep docker shows folder with root permission
This task depends upon

Comment by Sunny Wong (ArchDoctor_needed) - Friday, 25 February 2022, 09:51 GMT
Okay, I have this issue now on all arch linux systems. So I tried to investigate this more.
I found a fast step to reproduce this issue:

systemctl stop docker -> permissions still on user
systemctl start docker -> permissions change to root

I wonder, could it be related to the /var/run/docker/containerd/containerd.toml
wherein the root directory is set to /home/<user>/.docker ?
I looked into the documentation and it would be in /var/lib/containerd as default

I will poke around in the config and hope I don't destroy the universe.
If anyone has an idea on how to debug this. Help would be appreciated :)

Loading...