fix(switcher): reconcile also flips the WebUI's own (0:0) dir so it survives a switch

Round-trip test exposed it: during a rooted stint the WebUI (root-in-
container) writes root-owned files into its data dir; back in rootless the
WebUI user (dockerinstall) can't manage them -> container Exited(137).
Since the WebUI is LibrePortal's OWN regenerable 0:0 component, reconcile now
also chowns containers/libreportal to the mode's container owner (root rooted
/ install user rootless). Validated: after this the WebUI returns to HTTP 200.
Third-party app data under containers/ is still untouched (backup/restore).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
This commit is contained in:
librelad 2026-05-24 01:28:56 +01:00
parent 068db94320
commit e9bea13d3b

View File

@ -41,6 +41,18 @@ reconcileDockerOwnership()
done
[[ -f "$docker_dir/$db_file" ]] && runSystem chmod o+r "$docker_dir/$db_file"
# LibrePortal's OWN WebUI container dir is regenerable and runs as 0:0
# (root-in-container -> root rooted / install user rootless). Flip it to the
# mode's container owner so the WebUI survives a switch; it's safe to recurse
# because it's all one UID (no per-app uid to clobber). Third-party app data
# elsewhere under containers/ is still left untouched.
local webui_dir="${containers_dir}libreportal"
if [[ -d "$webui_dir" ]]; then
local app_owner="root"
[[ "$mode" == "rootless" ]] && app_owner="$docker_install_user"
runSystem chown -R "$app_owner:$app_owner" "$webui_dir"
fi
isSuccessful "Reconciled LibrePortal control-plane ownership for $mode ($owner)"
}