scan_files used 'sudo find' to enumerate config files to source. Under the scoped sudoers that's denied, so NO configs got sourced -> CFG_DOCKER_INSTALL_TYPE ended up empty -> runFileOp/runFileWrite fell back to the manager branch and every container-path write failed. Root cause of the 'sudo: a password is required' + 'tee: Permission denied' storm when running under the scoped grant. - configs/ scan (manager-owned): plain find - app_configs scan (/docker/containers, docker-install-owned, not list-readable by the manager): runFileOp find (enumerate as that user; manager still sources each .config, which is o+r). 'containers' install templates stay plain find. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
14 lines
332 B
Bash
Executable File
14 lines
332 B
Bash
Executable File
#!/bin/bash
|
|
|
|
checkDockerRootlessRequirement()
|
|
{
|
|
if [[ $CFG_DOCKER_INSTALL_TYPE == "rootless" ]]; then
|
|
### Docker Rootless
|
|
if grep -q "ROOTLESS" $sysctl; then
|
|
isSuccessful "Docker Rootless appears to be installed."
|
|
else
|
|
isNotice "Docker Rootless does not appear to be installed."
|
|
((preinstallneeded++))
|
|
fi
|
|
fi
|
|
} |