[BUG] Unable to run docker-compose when Docker host has userns-remap is enabled

[fleischsalatinspace]

Version: latest master@534dfde63a11411f6314c1a4568dd5c83259ba31
Setup: development

Description

When try to start this project on a docker host/daemon with enabled userns-remap (https://docs.docker.com/engine/security/userns-remap/), docker-compose fails because of missing permissions for several mounts.
Docker-daemon settings:

root@vagrant-docker-act:~/pathfinder-containers# cat /etc/docker/daemon.json 
{
    "userns-remap": "default"
}

Logs:

Creating pfdev-socket ... error
Creating pfdev-db     ... 
Creating pfdev-redis  ... 
Creating traefik      ... 

Creating pfdev-db     ... error
go:545: container init caused: rootfs_linux.go:76: mounting "/root/pathfinder-containers/websocket" to rootfs at "/app" caused: stat /root/pathfinder-containers/websocket: permission denied: unknown

ERROR: for pfdev-db  Cannot start service pfdb: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: cCreating pfdev-redis  ... done
Creating traefik      ... done

ERROR: for pf-socket  Cannot start service pf-socket: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: rootfs_linux.go:76: mounting "/root/pathfinder-containers/websocket" to rootfs at "/app" caused: stat /root/pathfinder-containers/websocket: permission denied: unknown

ERROR: for pfdb  Cannot start service pfdb: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: rootfs_linux.go:76: mounting "/root/pathfinder-containers/pathfinder/export/sql/eve_universe.sql.zip" to rootfs at "/eve_universe.sql.zip" caused: stat /root/pathfinder-containers/pathfinder/export/sql/eve_universe.sql.zip: permission denied: unknown
ERROR: Encountered errors while bringing up the project.

Workaround/Fix

• I guess docker-compose file has to be adjusted to work with this. For now you have to disable userns-remap

[fleischsalatinspace]

Setting pathfinder/ , static/ and websocket/ to drwxr-xr-x 2 dockremap dockremap does not solve the problem

Creating pfdev-socket ... 
Creating pfdev-db     ... error
Creating traefik      ... 

Creating pfdev-socket ... error
ontainer init caused: rootfs_linux.go:76: mounting "/root/pathfinder-containers/pathfinder/export/sql/eve_universe.sql.zip" to rootfs at "/eve_universe.sql.zip" caused: stat /root/pathfinder-containers/pathfinder/export/sql/eve_universe.sql.zip: permission denied: unknown
Creating pfdev-redis  ... done
ERROR: for pfdev-socket  Cannot start service pf-socket: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: rootfs_linux.go:76: mounting "/root/pathfinder-containers/websocket" to rootfs at "/app" caused: stat /root/pathfinder-containCreating traefik      ... done

ERROR: for pfdb  Cannot start service pfdb: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: rootfs_linux.go:76: mounting "/root/pathfinder-containers/pathfinder/export/sql/eve_universe.sql.zip" to rootfs at "/eve_universe.sql.zip" caused: stat /root/pathfinder-containers/pathfinder/export/sql/eve_universe.sql.zip: permission denied: unknown

ERROR: for pf-socket  Cannot start service pf-socket: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: rootfs_linux.go:76: mounting "/root/pathfinder-containers/websocket" to rootfs at "/app" caused: stat /root/pathfinder-containers/websocket: permission denied: unknown
ERROR: Encountered errors while bringing up the project.