fix(rootless): establish task-dir ownership with runSystem in setupTaskDir

The dir-ownership chown used runFileOp (the unprivileged dir owner), which
can't reclaim files a prior run left root/manager-owned — leaving a root-owned
task_processor.log the daemon then couldn't append to. Use runSystem (root) so
ownership is actually established.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
librelad 2026-05-24 14:44:02 +01:00
parent 53f861d39d
commit 7314319090

View File

@ -143,8 +143,11 @@ setupTaskDir() {
# it. Create-if-absent to keep a stable inode for flock across restarts.
[[ -e "$LOCK_FILE" ]] || runFileOp install -m 666 /dev/null "$LOCK_FILE" 2>/dev/null
runFileOp chmod 666 "$LOCK_FILE" 2>/dev/null
# Establish ownership with runSystem (root): the unprivileged dir owner can't
# reclaim files an earlier run left root/manager-owned (e.g. a root-owned
# task_processor.log), which would then block the daemon's log appends.
if [[ -n "$docker_install_user" ]]; then
runFileOp chown -R "$docker_install_user":"$docker_install_user" "$TASK_DIR" 2>/dev/null
runSystem chown -R "$docker_install_user":"$docker_install_user" "$TASK_DIR" 2>/dev/null
fi
}