Skip to content

Changed rabbitmq user/group to be non-system #40

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Changed rabbitmq user/group to be non-system #40

wants to merge 1 commit into from

Conversation

oskapt
Copy link

@oskapt oskapt commented Sep 21, 2015

I'm doing development using Vagrant, and I have /workspace mounted from my local machine (OSX). Regardless of local ownership, this directory shows up owned by vagrant:vagrant inside of the VM. Commands like chown don't change this, so if I share this directory into the rabbitmq container for persistence, it shows up owned by UID 1000. The result is that rabbitmq can't create mnesia or any data within that directory.
The cause is that the user and group are created as system objects, with UID/GID 999. If we remove the -r parameter, they'll be created as UID 1000, which maps to the vagrant user within the VM and allows for the content creation.
The use of system users is good in theory but may not be absolutely necessary. In this case I've identified a situation where that parameter breaks the container's usability, so I'm providing a pull request that removes the -r parameters.

@jcross-linkup
Copy link

Have you considered using a data container (mounting volumes from another container that isn't running) instead? That should prevent any UID/GID collisions with your host and provide you with persistence. That's how we handle docker + vagrant integration on my team.

@oskapt
Copy link
Author

oskapt commented Oct 13, 2015

In production we generally do use a data container, but this alone doesn't guarantee persistence. It only provides the convenience of having everything in one place. I don't have this in development because "persistence" is derived from having my development folder mapped through from my Mac to /workspace.

I don't know if a data container will solve this, since the problem still relates to file ownership by vagrant and the inability to chown.

Feel free to not merge the PR if you wish.

@yosifkit
Copy link
Member

This would work and solve it for most Mac users, but could break users that are relying on the specific UID/GID of 999. I would rather give the users the ability to choose what user and group to run the process as, so that even if they are a different UID it will work for them too.

@yosifkit yosifkit mentioned this pull request Jan 15, 2016
Merged
@tianon
Copy link
Member

tianon commented Feb 22, 2016

The change in #60 adjusted this such that if permissions on the filesystem are set correctly, running the container with --user 999:999 (or whatever other values are desirable) should work as-is. 👍

@tianon tianon closed this Feb 22, 2016
@oskapt
Copy link
Author

oskapt commented Feb 22, 2016

Thanks. FWIW, using a data container did not solve the issue when running under Vagrant on OSX.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@oskapt @jcross-linkup @yosifkit @tianon