unifi-docker: Can't start unifi container as non-root user
Hello,
I’m trying to start the unifi-docker container (“latest” tag) on a Raspberry Pi 4 running Bullseye Arm64. It starts fine as the root user, but not as a custom non-root user that I’ve created:
docker run -d --restart=unless-stopped --net=host --name unifi --user="1001:1001" -e TZ='America/Toronto' -v /home/pi/docker/unifi:/unifi jacobalberty/unifi:latest
This results in the following error message in the mongodb.log file: ERROR: Cannot write pid file to /usr/lib/unifi/run/mongod.pid: Permission denied
And a similar error in the Docker log: rm: cannot remove ‘/var/run/unifi/unifi.pid’: Permission denied
The issue is that the above system folders require root privileges for write access. How can I fix this without running unifi as root?
I’m a novice with Docker, so if I’m missing something obvious my apologies.
Thanks!
About this issue
- State: open
- Created 2 years ago
- Reactions: 1
- Comments: 17 (6 by maintainers)
Commits related to this issue
- Move rundir into /unifi/run See issue #525 — committed to jacobalberty/unifi-docker by jacobalberty 2 years ago
- Use permset to ensure /unifi is owned by the user specified in docker run command line see #525 — committed to jacobalberty/unifi-docker by jacobalberty 2 years ago
- Update to 8.0.24 Official (#697) * Remove value from PKGURL arg * Remove unneeded hotfixes for beta * Use permset to ensure /unifi is owned by the user specified in docker run command line see... — committed to jacobalberty/unifi-docker by Gamertech 6 months ago
Just wanted to add that I found another way to do it without using the environment variables. I added a mapping using -v for /var/run/unifi in addition to the existing mapping for /unifi. I made sure to chown the mapped folder to the unifi user and group (1001 in my case). Then, I ran the docker container using --user="1001:1001" without the environment variables. This enabled Unifi and mongodb to successfully write their PID files.
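
The workaround from the comment above, as an added example (not code from the unifi-docker project): a pre-flight script that refuses to start the container unless both bind-mounted host directories are owned by the UID:GID given to --user. The function names, the DRY_RUN switch and the host path used for the run directory are assumptions.

```shell
#!/bin/sh
# Added example. Prepare the host side first (paths are assumptions):
#   mkdir -p /home/pi/docker/unifi /home/pi/docker/unifi-run
#   sudo chown -R 1001:1001 /home/pi/docker/unifi /home/pi/docker/unifi-run

# Print "uid:gid" of a path (GNU stat, with BSD stat as a fallback).
owner_of() {
    stat -c '%u:%g' "$1" 2>/dev/null || stat -f '%u:%g' "$1"
}

# Return 0 only if DIR exists, is owned by IDS and its owner has rwx on it.
# A mismatch here is what surfaces inside the container as
# "Permission denied" when the PID files are written.
mount_ok() {
    dir=$1; want=$2
    [ -d "$dir" ] || { echo "missing directory: $dir" >&2; return 1; }
    have=$(owner_of "$dir")
    [ "$have" = "$want" ] || {
        echo "$dir is owned by $have, expected $want" >&2; return 1; }
    case $(ls -ld "$dir") in
        drwx*) return 0 ;;
        *) echo "$dir: owner lacks rwx" >&2; return 1 ;;
    esac
}

# start_unifi DATA_DIR RUN_DIR UID:GID
# Checks both host directories, then starts the container with the data
# directory mapped to /unifi and the run directory to /var/run/unifi.
# With DRY_RUN=1 the docker command is printed instead of executed.
start_unifi() {
    mount_ok "$1" "$3" && mount_ok "$2" "$3" || return 1
    ${DRY_RUN:+echo} docker run -d --restart=unless-stopped --net=host \
        --name unifi "--user=$3" -e TZ=America/Toronto \
        -v "$1:/unifi" -v "$2:/var/run/unifi" jacobalberty/unifi:latest
}
```

Call it as `start_unifi /home/pi/docker/unifi /home/pi/docker/unifi-run 1001:1001`, or prefix the call with `DRY_RUN=1` to see the command without starting anything.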