Permissions Problems (probably podman)

Sonarr version: 4.0.11.2680-ls260 (via lscr.io/linuxserver/sonarr:latest)
OS: Fedora 41
Debug logs: Permissions Issue Trace · GitHub
Compose File: podman compose file · GitHub
Description of issue: I’m having a strange permission issue I don’t understand and am hoping someone might have some insight into it. Logs and compose file above. What happens is I try to scan existing files or set up a directory for files in the media management settings and it tells me “Folder ‘/storage/Television/’ is not writable by user ‘abc’”. Same message no matter how it’s triggered and the same message as it shows in the logs (with a little more detail).

I am using podman instead of docker, but it should be compatible (I’ve gotten other services running without issue). I think it may be related to the differences in how the two run containers (despite what podman says, it’s not a perfect docker replacement, but I am already using it and would like to just use it instead of having to have a single container in docker, outside the rest of my management pipeline).

Being a permission issue, I tried the obvious stuff; permissions on the host system are correct, the files are owned by user 1000 and in the same 1000 group. When I go into the container I can see the directory being mounted, but it says everything is owned by root. The root user can modify things just fine as expected. The problem all comes down to the abc user. I checked the passwd file and the user abc has the pid/gid 1000, same as I passed and same as the user on the host machine (the user the container is run under).

I’d prefer not to have to switch over to docker just for this and there’s gotta be someone else out there with this running on fedora too. Any advice would be appreciated.

I came up with a rather simple, if potentially unwise, solution to this.

Because podman was mounting the volumes as root with UID/GID 0, instead of passing the proper UID/GID in the environmental variables, I just passed 0/0. Then the abc user is also 0/0 and the permissions all just work out. From what I’ve read podman is making this all work by actually using the user UID/GID on the system side to do the work (I think, all this isn’t really my forte and the docs on the podman side seem a bit scattered).

This could cause issues, I think, and is probably less secure; however, for this case I am not too worried about it. I only share a few non-private directories with any of the containers, but if there is some security concern I’m not thinking about, please let me know before it comes back to bite me.
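
The ownership mismatch described in this thread, worked through as an added example (not from the original posts or from Sonarr/podman): it translates IDs through a rootless user-namespace map to show why host UID 1000 appears as root inside the container and which host UID `abc` really is. The map below is constructed and assumes the default rootless mapping for host UID 1000 with an `/etc/subuid` range of 100000:65536; the function names are hypothetical.

```python
# Constructed sample of /proc/self/uid_map inside a rootless podman container
# started by host UID 1000 (assumed subuid range 100000:65536).
# Columns: first ID inside the namespace, first ID outside, range length.
SAMPLE_UID_MAP = """\
         0       1000          1
         1     100000      65536
"""


def parse_id_map(text):
    """Parse uid_map/gid_map text into (inside, outside, length) tuples."""
    ranges = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed id map line: {line!r}")
        ranges.append(tuple(int(f) for f in fields))
    return ranges


def to_host(ranges, container_id):
    """Host ID behind a container ID, or None if the ID is unmapped."""
    for inside, outside, length in ranges:
        if inside <= container_id < inside + length:
            return outside + (container_id - inside)
    return None


def to_container(ranges, host_id):
    """Container-side ID for a host ID, or None (shown as the overflow ID)."""
    for inside, outside, length in ranges:
        if outside <= host_id < outside + length:
            return inside + (host_id - outside)
    return None


def is_owner(ranges, process_uid, file_host_uid):
    """True if a container process UID is the file's owner on the host."""
    return to_host(ranges, process_uid) == file_host_uid


if __name__ == "__main__":
    m = parse_id_map(SAMPLE_UID_MAP)
    print("host 1000 files appear in container as UID", to_container(m, 1000))
    for puid in (1000, 0):
        print(f"PUID={puid}: host UID {to_host(m, puid)},",
              "owner of media:", is_owner(m, puid, 1000))
```

Under this mapping, `abc` with UID 1000 is host UID 100999 and does not own the media files, while UID 0 in the container is the invoking host user 1000, not host root.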
