Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Crontab permission denied with non-privledged user #144

Open
CarterKoopa opened this issue Jan 12, 2024 · 1 comment
Open

Crontab permission denied with non-privledged user #144

CarterKoopa opened this issue Jan 12, 2024 · 1 comment
Labels
enhancement New feature or request type: backup

Comments

@CarterKoopa
Copy link

One more request in regards to hardening!

Right now, the container seems unable to schedule the cron task based on the envionrment variable when running as a non-privledged user. When running as a non-root, custom user (by adding user: UID:GID in the compose file, I will note I'm not using the included backuptool user), the following error is generated:

vaultwarden-backup-1       | /app/entrypoint.sh: line 46: //crontabs: Permission denied
vaultwarden-backup-1       | time="2024-01-12T11:47:11-05:00" level=fatal msg="open //crontabs: no such file or directory"

Could be an error on my part but any input would be appreciated! Thanks!
@ttionya
Copy link
Owner

ttionya commented Jan 14, 2024

Now, using a non-root user must be done through the built-in backuptool (with UID and GID both set to 1100).

This was a poorly designed choice I made early on when I wasn't familiar with Docker. I will redesign the way non-root users are used, such as allowing users to input UID and GID.

For now, you can either use the root user directly or the backuptool user.

@ttionya ttionya added enhancement New feature or request type: backup labels Jan 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request type: backup
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@CarterKoopa @ttionya