From 22364f5421e3f30c4d128e43f3a6fd938d8d5db3 Mon Sep 17 00:00:00 2001 From: librelad Date: Sun, 24 May 2026 21:46:17 +0100 Subject: [PATCH] fix(rootless): enumerate containers/ as its owner, not the manager MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bare `find "$containers_dir"` runs as the manager, but under rootless containers/ is dockerinstall-owned 751 (traversable, not list-readable by the manager) -> "find: /docker/containers/: Permission denied". For the app-log generator that was cosmetic; for dockerComposeUpAllApps / dockerComposeDownAllApps it silently enumerates nothing so no apps come up/down. Route these through runFileOp find (dockerinstall in rootless, manager in rooted — correct in both). The two docker-type switcher finds are deliberately left: mid-switch the at-rest container owner can differ from the target-mode user runFileOp resolves to, so they need mode-aware handling rather than a blind swap. Co-Authored-By: Claude Opus 4.7 Signed-off-by: librelad --- scripts/docker/app/compose/down_all.sh | 5 ++++- scripts/docker/app/compose/up_all.sh | 5 ++++- scripts/webui/data/logs/webui_app_logs.sh | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/scripts/docker/app/compose/down_all.sh b/scripts/docker/app/compose/down_all.sh index 50d8715..c52e22f 100755 --- a/scripts/docker/app/compose/down_all.sh +++ b/scripts/docker/app/compose/down_all.sh @@ -3,7 +3,10 @@ dockerComposeDownAllApps() { local type="$1" - local subdirectories=($(find "$containers_dir" -mindepth 1 -maxdepth 1 -type d)) + # runFileOp: containers/ is owned by the container user (dockerinstall, 751) + # under rootless and isn't list-readable by the manager — enumerate as the + # owner or this silently finds nothing and no apps get brought down. + local subdirectories=($(runFileOp find "$containers_dir" -mindepth 1 -maxdepth 1 -type d)) for dir in "${subdirectories[@]}"; do local app_name=$(basename "$dir") diff --git a/scripts/docker/app/compose/up_all.sh b/scripts/docker/app/compose/up_all.sh index 84238c7..e5b749b 100755 --- a/scripts/docker/app/compose/up_all.sh +++ b/scripts/docker/app/compose/up_all.sh @@ -3,7 +3,10 @@ dockerComposeUpAllApps() { local type="$1" - local subdirectories=($(find "$containers_dir" -mindepth 1 -maxdepth 1 -type d)) + # runFileOp: containers/ is owned by the container user (dockerinstall, 751) + # under rootless and isn't list-readable by the manager — enumerate as the + # owner or this silently finds nothing and no apps come up. + local subdirectories=($(runFileOp find "$containers_dir" -mindepth 1 -maxdepth 1 -type d)) for dir in "${subdirectories[@]}"; do local app_name=$(basename "$dir") diff --git a/scripts/webui/data/logs/webui_app_logs.sh b/scripts/webui/data/logs/webui_app_logs.sh index fa1ba9e..6c364f2 100755 --- a/scripts/webui/data/logs/webui_app_logs.sh +++ b/scripts/webui/data/logs/webui_app_logs.sh @@ -14,7 +14,7 @@ webuiGenerateAppLogs() # Fast approach: Scan containers directory directly if [ -d "$containers_dir" ]; then - find "$containers_dir" -maxdepth 1 -type d -not -path "$containers_dir" | while read -r dir; do + runFileOp find "$containers_dir" -maxdepth 1 -type d -not -path "$containers_dir" | while read -r dir; do local result=$(basename "$dir") local app_name="$result" total_apps=$((total_apps + 1))