Skip to content

feat: Use container default user instead of forcing root user #382

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

feat: Use container default user instead of forcing root user #382

wants to merge 2 commits into from

Conversation

ma-04
Copy link

@ma-04 ma-04 commented Aug 29, 2025

If a docker container has an user defined but run with user ID (--user=1000:1000) instead of user name, ofelia can encounter permission related issues with filesystem related tasks.

Also fixes the issue where all jobs were forced to run as root even when the container
had a different default user configured.

Initial testing shows working as expected when a docker container was started with --user restriction.

Changes:

  • Change User field default from "root" to empty string in ExecJob, RunJob, and RunServiceJob
  • Only set User in Docker API calls when explicitly specified by user
  • Matches Docker's default behavior: no --user flag = container's default user

ma-04 added 2 commits August 29, 2025 11:53
@ma-04
feat: use container default user instead of forcing root
8a609d1 
- Change User field default from "root" to empty string in ExecJob, RunJob, and RunServiceJob
- Only set User in Docker API calls when explicitly specified by user
- This matches Docker's default behavior: no --user flag = container's default user
- Update documentation to reflect new default behavior
- Maintains backward compatibility: explicit user settings still work as before

Fixes the issue where all jobs were forced to run as root even when the container
had a different default user configured.
@ma-04
Merge branch 'master' of github.com:mcuadros/ofelia into feat/contain…
37e58a7 
…er_user_default
@ma-04
Copy link
Author

ma-04 commented Sep 3, 2025

@taraspos, any possibility of getting this merged or some feedback?

@taraspos
Copy link
Collaborator

taraspos commented Sep 3, 2025

Hi @ma-04,
Thanks for your PR, this is definitely something that we need to merge.

However, I'm worried about breaking change. A lot of people are using Ofelia and might be relying on current behaviour (don't get me wrong, using root by default is wrong and needs to be fixed), and I don't want to break their deployments out of the blue.

As it stands, there are currently two main versions of Ofelia - 0.3.x (or latest) and 0.4.x-beta.

If this PR is merged as is, it will become part of 0.4.x-beta, where having this breaking change is OK.
However, if you need/want this change as part of the existing 0.3.x, then we will need a separate, backward-compatible version of this change against the 0.3.x branch.

@ma-04
Copy link
Author

ma-04 commented Sep 17, 2025
edited
Loading

Apologies for the late reply.

Ideally, I'd like to get this merged to latest. But I can understand the concern on this breaking workflow for users.

I will be doing some tests to see how it's behaving normally vs with the proposed changes, especially in terms of permission handling to see how it's impacting certain tasks and report back.

Thanks for your input again.

Edit: fix typo and clarify grammar

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ma-04 @taraspos