fix: allow non-0 GID process to access and execute #814

ymartin59 · 2025-10-23T12:33:56Z

When running container from a docker compose using a service account (for instance UID=1000 and GID=1000), execution fails with

Error response from daemon: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "/opt/sonarqube/docker/entrypoint.sh": stat /opt/sonarqube/docker/entrypoint.sh: permission denied: unknown

Exerpt of docker compose:

  sonarqube:
    image: docker.io/library/sonarqube:
    user: "1000:0"
    hostname: sonarqube
    container_name: sonarqube
    read_only: true
    depends_on:
      db:
        condition: service_healthy
      traefik:
        condition: service_started
    environment:
      SONARQUBE_UID: 1000
      SONARQUBE_GID: 1000

Not tested but I am convinced this same issue prevents execution "as is" in Kubernetes context.

Thank you in advance for your help,
Yves

fix: allow non-0 GID process to access and execute

a3f01ce

carminevassallo self-requested a review October 27, 2025 09:53

carminevassallo self-assigned this Oct 27, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix: allow non-0 GID process to access and execute #814

fix: allow non-0 GID process to access and execute #814

Uh oh!

ymartin59 commented Oct 23, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

fix: allow non-0 GID process to access and execute #814

Are you sure you want to change the base?

fix: allow non-0 GID process to access and execute #814

Uh oh!

Conversation

ymartin59 commented Oct 23, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

ymartin59 commented Oct 23, 2025 •

edited

Loading