Help: no permission on /updater/data/updates.json #157

New Issue

saavagebueno · 2025-11-20T04:21:03-05:00

saavagebueno commented

2025-11-20 04:21:03 -05:00

Originally created by @ghost on GitHub (Dec 15, 2021).

when i am using the docker compose script, i will get an error of permission issue on /updater/data/updates.json.

if i using the command to run the container
docker run -d -p 8000:8000/tcp -v "$(pwd)"/data:/updater/data qmcgaw/ddns-updater

i wont have this issue. can i know how to solve this with the compose script? since i can have more options there as well. quite new to docker in this case

i am executing this compose command script with portainer tho. i am not sure if portainer has any problem with it, i have followed the instruction guide in chmod the data files etc. still not working

Originally created by @ghost on GitHub (Dec 15, 2021). when i am using the docker compose script, i will get an error of permission issue on /updater/data/updates.json. if i using the command to run the container docker run -d -p 8000:8000/tcp -v "$(pwd)"/data:/updater/data qmcgaw/ddns-updater i wont have this issue. can i know how to solve this with the compose script? since i can have more options there as well. quite new to docker in this case i am executing this compose command script with portainer tho. i am not sure if portainer has any problem with it, i have followed the instruction guide in chmod the data files etc. still not working

saavagebueno closed this issue

2025-11-20 04:21:03 -05:00

saavagebueno commented

2025-11-20 04:21:04 -05:00

@qdm12 commented on GitHub (Dec 16, 2021):

It's most likely not the same paths then. Try to use absolute paths in both instead of relative paths to avoid any confusion.

@qdm12 commented on GitHub (Dec 16, 2021): It's most likely not the same paths then. Try to use absolute paths in both instead of relative paths to avoid any confusion.

saavagebueno commented

2025-11-20 04:21:04 -05:00

@duchenpaul commented on GitHub (Dec 23, 2021):

I think the issue is the default UID and GID is hardcoded as 1000, and his id are not, I think it is more suitable not to hardcode that but to pass as a env parameter for users to choose, default as 0, which is root

https://github.com/qdm12/ddns-updater/blob/master/README.md?plain=1#L310

@duchenpaul commented on GitHub (Dec 23, 2021): I think the issue is the default UID and GID is hardcoded as 1000, and his id are not, I think it is more suitable not to hardcode that but to pass as a env parameter for users to choose, default as 0, which is root https://github.com/qdm12/ddns-updater/blob/master/README.md?plain=1#L310

saavagebueno commented

2025-11-20 04:21:04 -05:00

@qdm12 commented on GitHub (Dec 23, 2021):

I think it is more suitable not to hardcode that but to pass as a env parameter for users to choose

You can't do that, except if your container runs as root. Those images proposing these at runtime do have their entrypoint run as root, and usually drop root for a subprocess. It's better than just running as root, but not as secured as running entirely without root from the start. Also this image is based on scratch so dropping root privileges is not trivial either.

EDIT: I'll see maybe that's possible with more opened files/directories permissions (chmod 777 for most things built-in the image).

@qdm12 commented on GitHub (Dec 23, 2021): > I think it is more suitable not to hardcode that but to pass as a env parameter for users to choose You can't do that, except if your container runs as root. Those images proposing these at runtime do have their entrypoint run as root, and usually drop root for a subprocess. It's better than just running as root, but not as secured as running entirely without root from the start. Also this image is based on scratch so dropping root privileges is not trivial either. EDIT: I'll see maybe that's possible with more opened files/directories permissions (chmod 777 for most things built-in the image).

saavagebueno commented

2025-11-20 04:21:04 -05:00

@qdm12 commented on GitHub (Mar 9, 2022):

That might be some interesting code to try out in the future:

2da266acec/fixuid.go (L287-L305)

Although it has little point if the first process doesn't exit after launching the subprocess without root.

@qdm12 commented on GitHub (Mar 9, 2022): That might be some interesting code to try out in the future: https://github.com/boxboat/fixuid/blob/2da266acec27c3ffde018feb7337e7de2c29ba5c/fixuid.go#L287-L305 Although it has little point if the first process doesn't exit after launching the subprocess without root.

saavagebueno commented

2025-11-20 04:21:04 -05:00

@fustios commented on GitHub (Sep 24, 2022):

Just had the same problem on Unraid.
Unraid defaults to nobody:users 99:100 for created folders, so i had to manually change ownership to 1000.

@fustios commented on GitHub (Sep 24, 2022): Just had the same problem on Unraid. Unraid defaults to nobody:users 99:100 for created folders, so i had to manually change ownership to 1000.

saavagebueno commented

2025-11-20 04:21:04 -05:00

@qdm12 commented on GitHub (Jun 12, 2023):

This is 'by design' (actually not a bug, a feature 😄), and yes running uid and gid are hardcoded in the image since otherwise it will likely run as root by default which is undesirable.

See step 1 of the setup to go around this if you don't want to change permissions of files: https://github.com/qdm12/ddns-updater/#setup

@qdm12 commented on GitHub (Jun 12, 2023): This is 'by design' (actually not a bug, a feature 😄), and yes running uid and gid are hardcoded in the image since otherwise it will likely run as root by default which is undesirable. See step 1 of the setup to go around this if you don't want to change permissions of files: https://github.com/qdm12/ddns-updater/#setup

saavagebueno referenced this issue

2025-11-20 04:25:30 -05:00

[PR #157] [MERGED] introduce ddnsgopher logo #630

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/ddns-updater#157