Permission denied opening /app/config.yaml when bind-mounting config with Rootless Podman

[rshxyz]

Important

If you have questions about llama-swap please post in the Q&A in Discussions. Use bug reports when you've found a defect and wish to discuss a fix.

Describe the bug
Running the ghcr.io/mostlygeek/llama-swap:vulkan image under Podman with a read-only bind mount for the config file fails at startup with:

Error loading config: open /app/config.yaml: permission denied

The file is bind-mounted to /app/config.yaml with :ro,Z and the device /dev/dri/renderD128 is passed through. Container is non-privileged with all caps dropped. Expectation is that the app should be able to read the config; instead it cannot open it at all.

Expected behaviour
The container should start normally and read /app/config.yaml from the host bind mount.

Operating system and version

• OS: Alma 10 Linux
• GPUs: AMD/Vulkan

My Configuration

podman run \
  --name llama \
  --hostname llama \
  --network internalOnly \
  --ip 10.89.5.17 \
  --publish 127.0.0.1:9292:8080/tcp \
  --mount type=bind,src=/home/gecko/docker/llama-swap/config/llama-swap.yaml,dst=/app/config.yaml,ro,Z \
  --mount type=bind,src=/home/gecko/docker/llama-swap/models,dst=/models,ro,Z \
  --device /dev/dri/renderD128:/dev/dri/renderD128:rw \
  --log-driver=none \
  --security-opt no-new-privileges --privileged=false \
  --cap-drop=all \
  --rm --pull=newer \
  ghcr.io/mostlygeek/llama-swap:vulkan

[coderabbitai[bot]]

A summary of the changes CodeRabbit can apply:

• Create docs/troubleshooting-containers.md (comprehensive troubleshooting guide), add a link to it in README.md after the Docker examples, and insert helpful comments for rootless Podman users into docker/llama-swap.Containerfile.

• Add a new container troubleshooting guide (docs/troubleshooting-containers.md) explaining rootless Podman UID/GID permission issues and offering four solutions (use --userns=keep-id, build image with host UID/GID, make config world-readable, use a named volume), update docker/llama-swap.Containerfile with comments/examples for overriding UID/GID at build time, and mention the Podman guide in README.md.

• ✅ Create PR with these edits
• 📋 Get copyable edits

[ryan-steed-usa]

Hello,

#368 updated the containers to run with a limited user by default (ARG UID=10001 and ARG GID=10001). This means that the host level file permissions and/or ownership must accommodate the non-root container user context. One potential resolution might be to loosen permissions to make the file world readable (note, that every directory in the path must also be readable):

chmod 644 /home/gecko/docker/llama-swap/config/llama-swap.yaml

Alternatively, the host-level UID/GID allocation can also be used to customize ownership. Note that rootless mode reads /etc/subuid and /etc/subgid to allocate a reservation for host <-> container UID translation. For example, a host GID might map to 1000001 outside the container but remain 10001 within. Then, presuming file path permission of 640, updating group ownership to 1000001 should fix the problem. Something like this (also presuming that every directory in the path is group readable):

sudo chown gecko:1000001 /home/gecko/docker/llama-swap/config/llama-swap.yaml

Additional creative options are available as well. Like a host level shared group to which the gecko user and UID 1000001 are members. File permissions of 640 and ownership of gecko:sharedgroup would suffice.

[rshxyz]

I ended up doing this on the podman run config
--userns=keep-id
--user 1000:1000

Would be nice if you offered a runtime PUID/PGID option (env vars)