Linux Questions

1569 readers

1 users here now

Linux questions Rules (in addition of the Lemmy.zip rules)

stay on topic
be nice (no name calling)
do not post long blocks of text such as logs
do not delete your posts
only post questions (no information posts)

Tips for giving and receiving help

be as clear and specific
say thank you if a solution works
verify your solutions before posting them as facts.

Any rule violations will result in disciplinary actions

founded 2 years ago

MODERATORS

[email protected]

Podman container doesn't start after system update (pawb.social)

submitted 2 weeks ago* (last edited 2 weeks ago) by [email protected] to c/[email protected]

6 comments fedilink hide all child comments

After an automatic update+reboot of my Debian server my Jellyfin container doesn't work anymore. When I try to run it from the command line I get: Error: crun: make '/home/serve/.local/share/containers/storage/vfs/dir/[string]' private: Permission denied: OCI permission denied

Here's the list of updated packages, in case it's useful: base-files buildah curl dns-root-data intel-microcode libc-bin libc-l10n libc6 libcurl3-gnutls libcurl4 libmariadb3 libpam-systemd libpq5 librabbitmq4 libsystemd-shared libsystemd0 libudev1 linux-image-amd64 locales mariadb-common systemd systemd-sysv tzdata udev vim vim-common vim-runtime vim-tiny wget

I tried doing some searching and it looks like a podman issue, but with no real fix for it? Not sure tbh. Do I need to nuke my container and start again? Or is there a way to fix this while keeping my config?

Small update: I did some digging around in the directories that error out and found that in ~/.local/share/containers/storage/volumes both the jellyfin-cache and jellyfin-config folders are owned by 100000, but they were the only ones. I tried changing ownership to my user but the error persists.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

I already tried that, but I couldn't access it without becoming root. The dir folder is owned by 100000 which I assumed is by design and I didn't want to mess up any of my other containers and left it be. But I just noticed that the folder that gives the error doesn't exist at all, don't know if that has anything to do with it. I also tried removing Jellyfins images and redownloading them but nothing changes.

[–] [email protected] 2 points 2 weeks ago (1 children)

without becoming root

Are you logged in as the owner of this home directory (presumably "serve")? If not, you should attempt to or assume it (su). If you are, then you seem to have located a likely culprit.

I really don't think this has anything to do with the upstream images, but something that has happened to the container's storage volume.

[–] [email protected] 2 points 1 week ago (1 children)

Yeah I do everything from the serve account. I did try changing the permissions like I said in the edit of my post. What's confusing me is all my other containers are running fine (Immich, SearxNG, etc.) and it's only Jellyfin having trouble, if it was a permissions problem none of them should start since their media folders get mounted in that same directory (not an expert on podman, correct me if I'm wrong). I also thought that the images are fine, but it doesn't hurt to be through. I'll try changing some permissions around once more later today though.

[–] [email protected] 2 points 1 week ago (1 children)

I'd encourage you to try to understand a bit more about what is happening in the container and runtime before changing things at random.

I don't really have enough information to give you an answer. There are too many variables to guess at.

Here's a couple links to get you started.

https://www.redhat.com/en/blog/container-permission-denied-errors

https://stackoverflow.com/questions/75582763/podman-oci-permission-to-folder-issue

https://old.reddit.com/r/NixOS/s/Jb3qBFEPo3

[–] [email protected] 2 points 1 week ago

Alright, thank you very much. Some good resources to get started, and I sorta got somewhere. After an hour trying every option possible and the container still not working, I tried running chown -R serve:serve ~/ as suggested in the reddit thread above. Kind of a nuclear option, but now the container starts! Too bad it stops itself after a few seconds. Honestly considering re-installing the whole OS at this point.