Minio Bitnami image having trouble with file system permissions

The actual error looks like this:

mc: <ERROR> Unable to save new mc config. open /.mc/$tmpfile.config.json.2361952386: permission denied.

I know permissions related stuff can be a bit of a rabbit hole so I thought I’d ask here first. The Minio Bitnami image sets up:

ENV HOME="/"
USER 1001

The user has no name just UID and GID of 1001. So I’m guessing how Bitnami set up this image’s user and group is conflicting with how Fly.io sets up users in the VM but I thought I’d see if the specific reason is obvious to anyone more in the know here.

Bitnami Minio dockerfile for reference, if it helps: containers/Dockerfile at main · bitnami/containers · GitHub

Just adding a screenshot of what the directory permissions look like in the container in root and in the /.mc folder. In the /.mc folder the user and group are 1001 root.

I found that this may be a general issue with Bitnami rootless containers. It seems that in a local environment with docker and docker compose, the container does not have a user, just the UID 1001: whoami: cannot find name for user ID 1001, while in the fly vm the user is root.

It’s possible that fly only connects as root with the fly ssh console command, which is how I checked, and that this is a false positive. Seems that the root user is also running the entrypoint commands as well? Or does it respect the Dockerfile user for that?

Anyways, after finding these instructions Work With Non-Root Containers for Bitnami Applications I switched from using image to dockerfile that simply looks like this and it works:

FROM bitnami/minio:latest

USER root

I’m still running into one more issue but it’s container specific not to do with fly.io.

error: failed switching to "minio": unable to find user minio: no matching entries in passwd file.

I’ll update here again if I find a solution just in case anyone else is trying to use the same container here.

Got this working with this Dockerfile:

FROM bitnami/minio:latest

USER root

RUN groupadd --gid 1001 --system minio
RUN useradd --uid 1001 --gid minio --no-create-home --system minio
RUN chown --recursive minio:minio /data
RUN chown --recursive minio:minio /.mc

USER minio

Bitnami checks for root and handles differently if so: containers/run.sh at main · bitnami/containers · GitHub

1 Like