From ecd3db5632cd2ae7bddfdd84641e86e65335af19 Mon Sep 17 00:00:00 2001 From: librelad Date: Sun, 24 May 2026 13:39:06 +0100 Subject: [PATCH] fix(rootless): route requirement/disk docker checks through runFileOp MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Three docker calls ran the binary directly (two plain, one sudo), so in rootless they hit /var/run/docker.sock (the rooted socket, absent) and printed 'Cannot connect to the Docker daemon' — the WebUI-image requirement check, the system-disk WebUI generator (docker system df), and the app-install fallback (docker ps). Route all three through runFileOp, which in rootless runs as the docker install user with DOCKER_HOST set and is argv-safe for --format, and in rooted runs as the manager via the docker group. Co-Authored-By: Claude Opus 4.7 Signed-off-by: librelad --- scripts/checks/requirements/check_app_install.sh | 4 ++-- scripts/checks/requirements/check_webui_image.sh | 2 +- scripts/webui/data/generators/system/webui_system_disk.sh | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/scripts/checks/requirements/check_app_install.sh b/scripts/checks/requirements/check_app_install.sh index 940eee1..fbd0232 100644 --- a/scripts/checks/requirements/check_app_install.sh +++ b/scripts/checks/requirements/check_app_install.sh @@ -114,6 +114,6 @@ _appReqServiceInstalled() status=$(dockerCheckAppInstalled "$svc" "docker" 2>/dev/null) [[ "$status" == "installed" ]] && return 0 || return 1 fi - # Fallback: ask docker directly. - sudo docker ps -a --format '{{.Names}}' 2>/dev/null | grep -q "^${svc}-service$" + # Fallback: ask docker directly (mode-aware: rootless hits the rootless socket). + runFileOp docker ps -a --format '{{.Names}}' 2>/dev/null | grep -q "^${svc}-service$" } diff --git a/scripts/checks/requirements/check_webui_image.sh b/scripts/checks/requirements/check_webui_image.sh index 830923c..1964c8a 100755 --- a/scripts/checks/requirements/check_webui_image.sh +++ b/scripts/checks/requirements/check_webui_image.sh @@ -3,7 +3,7 @@ checkLibrePortalWebUIImageRequirement() { if [[ $CFG_REQUIREMENT_WEBUI == "true" ]]; then - if docker images --format "{{.Repository}}:{{.Tag}}" | grep -q "libreportal-service:latest"; then + if runFileOp docker images --format "{{.Repository}}:{{.Tag}}" | grep -q "libreportal-service:latest"; then isSuccessful "LibrePortal WebUI Docker Image appears to be setup." else isNotice "LibrePortal WebUI Docker Image has not been setup." diff --git a/scripts/webui/data/generators/system/webui_system_disk.sh b/scripts/webui/data/generators/system/webui_system_disk.sh index b8bba49..b157fae 100755 --- a/scripts/webui/data/generators/system/webui_system_disk.sh +++ b/scripts/webui/data/generators/system/webui_system_disk.sh @@ -17,7 +17,7 @@ webuiSystemDisk() { local docker_percent="0" if command -v docker &> /dev/null; then - docker_usage=$(docker system df --format "{{.Size}}" | head -1 2>/dev/null || echo "N/A") + docker_usage=$(runFileOp docker system df --format "{{.Size}}" 2>/dev/null | head -1 || echo "N/A") if [[ "$docker_usage" != "N/A" ]]; then # Convert Docker usage to GB for calculation docker_used=$(echo "$docker_usage" | sed 's/GB//g' | sed 's/MB//g' | awk '{print $1*1}' 2>/dev/null || echo "0")