Init fails via webgui, works via cli (docker cifs volume) - permission denied

Bug
#1

Please describe what you are doing to trigger the bug:
Using the duplicacy:testing docker image.
I have 2 backup jobs pointing to a mapping of a smb share. Those setup as backups to local directory works fine. Now to avoid having the smb share exposed on the host, i created a docker volume with the cifs driver. If i now add an existing repo from that volume i can run a check and it works. As soon as i try to init a new repo (or run a backup on it) it fails with permission denied.
If i bash into the container and do a manual init via cli it works fine and the repo gets created.

Please describe what you expect to happen (but doesn’t):
Behavior should be the same via web as via manual init via cli

Please describe what actually happens (the wrong behaviour):
Running /app/.duplicacy-web/bin/duplicacy_linux_x64_2.7.2 [-log -d init -e -storage-name SMB_Test duplicacyweb /backupdrive/test
ERROR CONFIG_INIT Failed to configure the storage: open /backupdrive/test/config.vrmpbmfq.tmp: permission denied
Failed to initialize the storage at /backupdrive/test: Failed to configure the storage: open /backupdrive/test/config.vrmpbmfq.tmp: permission denied

#2

Well, obvious question is – is this location actually writable by the user duplciacy is running as?

It would be useful to know which container are you using (there are several; or see your dockerfile if it is your own) and your full docker run command, as well as volume configuration.

And finally, duplicacy does not benefit from containerization – it’s already single self-contained executable. you can just run it as-is.

#3

True, should’ve mentioned it, using hotio/duplicacy:testing
It was indeed an issue with docker mounting the volume as root as default, mounting it with the uid/gid of the user running the container solved the issue.

The reason why i want it in a docker is imo already explained with what i’m doing that brought me to the issue :slight_smile: i now don’t have any backup targets exposed on the host, which adds a small layer of additional security, in case of ransomware and sorts.

Edit: If any mod feels free to move this in a better section, please do so, as it isn’t a bug of the webgui, thanks