Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2025.03.0 - chown: changing ownership of '/etc/pihole/gravity.db_temp': Operation not permitted #1780

Open
node-onl opened this issue Mar 5, 2025 · 3 comments
Open

2025.03.0 - chown: changing ownership of '/etc/pihole/gravity.db_temp': Operation not permitted #1780

node-onl opened this issue Mar 5, 2025 · 3 comments

Comments

@node-onl
Copy link

node-onl commented Mar 5, 2025

This is a: Run Issue

Details

Firstly, thank you for your tireless efforts in maintaining Pi-hole and for all of your work on the new release!

I'm running into an issue after updating to 2025.03.0 which did not occur previously on 2024.07.0.

When attempting to update Gravity, the following errors are received:

chown: changing ownership of '/etc/pihole/gravity.db_temp': Operation not permitted
chmod: changing permissions of '/etc/pihole/gravity.db_temp': Operation not permitted
chmod: changing permissions of '/etc/pihole': Operation not permitted

Have attempted the following:

  • Taking backup using Teleporter
  • Deleting the contents of '/etc/pihole' on the NAS
  • Recreating the container
  • Restoring the configuration via Teleporter

Full output:

  [✓] DNS resolution is available

  [i] Neutrino emissions detected...

  [✓] Preparing new gravity database
  [✓] Creating new gravity databases
  [✓] Pulling blocklist source list into range
  [i] Using libz compression

  [i] Target: https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
  [✓] Status: No changes detected
  [✓] Parsed 129349 exact domains and 0 ABP-style domains (blocking, ignored 0 non-domain entries)

  [i] Target: https://adguardteam.github.io/HostlistsRegistry/assets/filter_2.txt
  [✓] Status: No changes detected
  [✓] Parsed 6540 exact domains and 0 ABP-style domains (blocking, ignored 0 non-domain entries)

  [i] Target: https://adguardteam.github.io/HostlistsRegistry/assets/filter_38.txt
  [✓] Status: No changes detected
  [✓] Parsed 0 exact domains and 0 ABP-style domains (blocking, ignored 0 non-domain entries)

chown: changing ownership of '/etc/pihole/gravity.db_temp': Operation not permitted
chmod: changing permissions of '/etc/pihole/gravity.db_temp': Operation not permitted
chmod: changing permissions of '/etc/pihole': Operation not permitted
  [✓] Building tree
  [i] Number of gravity domains: 135889 (129360 unique domains)
  [i] Number of exact denied domains: 0
  [i] Number of regex denied filters: 0
  [i] Number of exact allowed domains: 3
  [i] Number of regex allowed filters: 0
  [✓] Optimizing database
  [✓] Swapping databases
  [✓] The old database remains available
  [✓] Cleaning up stray matter

  [✓] Done.

Viewing the container logs in Portainer, I can see the following warning message during startup:

2025-03-05 19:52:56.735 [49M] WARNING: chmod(/etc/pihole/pihole-FTL.db, 416): chmod() failed: Operation not permitted

The '/etc/pihole' volume is mapped to a CIFS share on a Synology NAS:

    volumes:
      - '/mnt/Docker/pihole/etc/pihole:/etc/pihole'

Here is the '/etc/fstab' entry for the share on the host (Debian 12 VM):

//192.168.1.1/Docker /mnt/Docker cifs rw,auto,nobrl,vers=3,credentials=/root/.cifs_credentials_docker,iocharset=utf8,file_mode=0777,dir_mode=0777,mfsymlinks 0 0

Related Issues

  • [ X ] I have searched this repository/Pi-hole forums for existing issues and pull requests that look similar

How to reproduce the issue

  1. Environment data
  • Operating System: Debian 12.9 Bookworm VM
  • Hardware: Proxmox running on a Lenovo m710q
  • Kernel Architecture: 6.1.0-31-amd64
  • Docker Install Info and version:
    • Software source: Official docker-ce
    • Supplimentary Software: Synology, Portainer CE
  • Hardware architecture: x86_64
  1. docker-compose.yml contents:
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "9080:80/tcp"
      - "9444:443/tcp"
    environment:
      TZ: 'SANITISED'
      FTLCONF_webserver_api_password: 'SANITISED'
      FTLCONF_dns_listeningMode: 'all'
    volumes:
      - '/mnt/Docker/pihole/etc/pihole:/etc/pihole'
    restart: unless-stopped

These common fixes didn't work for my issue

  • [ X ] I have tried removing/destroying my container, and re-creating a new container
  • [ X ] I have tried fresh volume data by backing up and moving/removing the old volume data
@causalmask
Copy link

These permissions issues are biting me as well. I think it has to do with the recent addition of logrotate which runs as root and needs to deal with a bunch of root-owned files. It makes all of my backup jobs fail since I don't run them as root. I've had to exclude pihole dirs from my backup jobs but would prefer not to.

In general, it bothers me when docker containers create a bunch of root owned files as it creates permissions issues on the host side if internal directories are mapped to local directories.

@yubiuser
Copy link
Member

yubiuser commented Mar 8, 2025
edited
Loading

@node-onl

My guess is, this is because of the CIFS filesystem. We have seen it in other places, that network filesystem can cause issues. Could you try to mount the folders to an other base filesystem and see if this fixes the issue?

@node-onl
Copy link
Author

Mounting the directories from local storage resolves the issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@yubiuser @node-onl @causalmask