Hi all,
Is there a way to run OpenHAB Docker container with specific user/user group?
I tried the USER_ID and GROUP_ID as documented here (Docker Hub) without luck, it complains creating a user that already exists.
I need to run OpenHAB due to the limitation of my QNAP NAS. By default QNAP only allows the “admin” users to read/write /dev/ttyUSB* devices. So basically I need to run OpenHAB as “admin” (uid = 0) to make it work.
What complains about creating a user that already exists? The entrypoint script only tries to create a user inside the container if there isn’t already a user defined with that UID and GID specified in the passed in environment variables. If you used 0 for both then it would see that a user already exists and skip all the user creation stuff.
That doesn’t sound right. What are the permissions on the /dev/ttyUSB* files? Usually they are something like root:dialout with rw permissions for user and group. That means any member of the dialout group should be allowed to access it. Even if it’s owned by root:root you just have to add the openhab user to the root group.
I suppose it’s possible but I’ve never seen a Linux or USB system that didn’t have read/write permissions for the group on dev files. Then again, QNAP and Synology users tend to have the hardest time getting OH up and running of all the platforms so who knows.
Hi @rlkoshak, thanks for your reply! To be honest I’m no expert in Docker but when I set USER_ID and GROUP_ID the container just keep restarting, in the docker log I see the following entries:
+ '[' limited = unlimited ']'
+ rm -f /openhab/runtime/instances/instance.properties
+ rm -f /openhab/userdata/tmp/instances/instance.properties
Starting with openhab user id: 0 and group id: 0
+ NEW_USER_ID=0
+ NEW_GROUP_ID=0
+ echo 'Starting with openhab user id: 0 and group id: 0'
+ id -u openhab
++ getent group 0
+ '[' -z openhab:x:0: ']'
++ getent group 0
++ cut -d: -f1
+ group_name=openhab
+ echo 'Rename group openhab to openhab'
+ groupmod --new-name openhab openhab
Rename group openhab to openhab
Create user openhab with id 0
+ echo 'Create user openhab with id 0'
+ adduser -u 0 --disabled-password --gecos '' --home /openhab --gid 0 openhab
Warning: The home dir /openhab you specified already exists.
adduser: The UID 0 is already in use.
It makes me think that adduser fails because UID 0 already exists. I don’t know what complains though.
Unfortunately Qnap’s QTS is a modified version of Linux, you can see the discussion of similar issue here: https://forum.qnap.com/viewtopic.php?t=154502
Anyways what I want is OpenHAB starts with UID 0 so it will have read/write access to ttyUSB device, I know it’s not ideal but still 100 times better than the autostart.sh hack.
In that case it looks a lot like this won’t work. You can see the code in questions here. It starts up and sees there is no openhab user. Then it tries to create an openhab user with UID 0 which is not allowed because UID 0 is already in use.
You’ll have to create a custom Docker image to work around this. One that doesn’t try to create an openhab user and just uses UID 0.
I see thank you!
I experienced similar installing OpenHab in Docker on Synology. The solution was a mix of configuration via the Synology GUI and commands entered via SSH. The first part of this post (regarding user creation) may help
@JimH, thanks for the tutorial.
I actually tried the udev .rules but looks like QTS removes the file when it restarts.
Looks like DSM is different in that regard. Anyways I’d really hope OpenHAB docker can run as uid 0, most my other containers support it via PUID environment variable, not sure why OpenHAB cannot.