Crontab permission denied with non-privledged user

Question

Crontab permission denied with non-privledged user

CarterKoopa opened this issue a year ago · 1 comments

One more request in regards to hardening!

Right now, the container seems unable to schedule the cron task based on the envionrment variable when running as a non-privledged user. When running as a non-root, custom user (by adding user: UID:GID in the compose file, I will note I'm not using the included backuptool user), the following error is generated:

vaultwarden-backup-1       | /app/entrypoint.sh: line 46: //crontabs: Permission denied
vaultwarden-backup-1       | time="2024-01-12T11:47:11-05:00" level=fatal msg="open //crontabs: no such file or directory"

Could be an error on my part but any input would be appreciated! Thanks!

Answer 1 · 2024-01-14T14:36:29.000Z

Now, using a non-root user must be done through the built-in backuptool (with UID and GID both set to 1100).

This was a poorly designed choice I made early on when I wasn't familiar with Docker. I will redesign the way non-root users are used, such as allowing users to input UID and GID.

For now, you can either use the root user directly or the backuptool user.