[Solved] folder '/movies' is not writable by user 'abc'

[Seroleashed]

Hey there,

first off: Thank you so much for this project. It already solved a lot of issues I had while trying to set up my own system (even though I was still not able to make it run).

I am currently stuck in the setup process after running the install script and thereby creating all containers.

Now I am at the point where I am trying to add the root folder /movies to Radarr.

The folder "/movies" exists on the "media" folder (in my case /mnt/nas1/media since I want to have it on my nas eventually. The folder is not yet a samba nas folder but will be. However, since it's not yet, that shouldn't be an issue (it's just the explanation for why I chose that folder structure).

I have a user named "media" on the Raspberry Pi 4 I am using for this. I followed the steps in the installation How to, I made sure that "media" is the owner of the folder /mnt/nas1/media and its subfolders and that "media" has write privileges to these folders.

I am also able to create a file in the movies folder from the raspberry pi console using nano and creating a new file from the docker container console using echo "Test" >> /movies/test.txt.

Yet, when trying to add the /movies folder in the Radarr webUI I get the before mentioned error message...

I even set the PUID and PGID manually to the media's PUID and PGID (1000).

I am quite new to Linux, etc. so I am really at a lost end right now. Any ideas what I could do/check to make this work?

Thanks a lot in advance!! =)

[rogs]

Hey @Seroleashed!

Thank you for the detailed explanation! Can you send me the values of your .env file? It's located in /your/install/location/.env. It's a hidden file, so just run cat .env in the installation directory. Make sure you remove your VPN credentials before sharing!

Cheers!

Roger.

[Seroleashed]

Hey @rogs,

thanks for the quick response.

Here ist my .env file. As far as I remember, I didn't edit it so far (I tried multiple things and remember looking into the file, but I think I didn't edit it).

Code: Select all

# Base configuration
PUID=1000
PGID=1000
MEDIA_DIRECTORY=/mnt/nas1/media
INSTALL_DIRECTORY=/opt/yams
MEDIA_SERVICE=jellyfin

# VPN configuration
VPN_ENABLED=y
VPN_SERVICE=private internet access
VPN_USER=*PIA Username*
VPN_PASSWORD=*PIA password*

Also, I forgot to mention, that I also want to install "HomeAssistant Supervised" on that same Raspberry Pi which wants "AppArmor" to be installed. According to some research this can cause issues with folder access and I had to add

Code: Select all

security_opt:
  - apparmor=unconfined

to each service in the docker-compose.yaml file that needs to access folders on the host system.

This is probably the most important bit of all the information, so I am really sorry, I forgot that yesterday...

Here is my docker-compose.yaml:

Code: Select all

version: "3"

services:
  # jellyfin is used to serve your media to the client devices
  jellyfin:
    image: lscr.io/linuxserver/${MEDIA_SERVICE}
    container_name: ${MEDIA_SERVICE}
    #network_mode: host # plex
    environment:
      - PUID=1000
      - PGID=1000
      - VERSION=docker
    volumes:
      - ${MEDIA_DIRECTORY}/movies:/data/movies
      - ${MEDIA_DIRECTORY}/tvshows:/data/tvshows
      - ${INSTALL_DIRECTORY}/config/${MEDIA_SERVICE}:/config
    ports: # plex
      - 8096:8096 # plex
    restart: unless-stopped
    security_opt:
      - apparmor=unconfined

  # qBitorrent is used to download torrents
  qbittorrent:
    image: lscr.io/linuxserver/qbittorrent:4.6.0
    container_name: qbittorrent
    environment:
      - PUID=1000
      - PGID=1000
      - WEBUI_PORT=8080
    volumes:
      - ${MEDIA_DIRECTORY}/downloads:/downloads
      - ${INSTALL_DIRECTORY}/config/qbittorrent:/config
    restart: unless-stopped
    ####ports: # qbittorrent
      ####- 8080:8080 # qbittorrent
    network_mode: "service:gluetun"

  # Sonarr is used to query, add downloads to the download queue and index TV shows
  # https://sonarr.tv/
  sonarr:
    image: lscr.io/linuxserver/sonarr
    container_name: sonarr
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ${MEDIA_DIRECTORY}/tvshows:/tv
      - ${MEDIA_DIRECTORY}/downloads:/downloads
      - ${INSTALL_DIRECTORY}/config/sonarr:/config
    ports:
      - 8989:8989
    restart: unless-stopped
    security_opt:
      - apparmor=unconfined

  # Radarr is used to query, add downloads to the download queue and index Movies
  # https://radarr.video/
  radarr:
    image: lscr.io/linuxserver/radarr
    container_name: radarr
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ${MEDIA_DIRECTORY}/movies:/movies
      - ${MEDIA_DIRECTORY}/downloads:/downloads
      - ${INSTALL_DIRECTORY}/config/radarr:/config
    ports:
      - 7878:7878
    restart: unless-stopped
    security_opt:
      - apparmor=unconfined

  # Lidarr is used to query, add downloads to the download queue and index Music
  # https://lidarr.audio/
  lidarr:
    image: lscr.io/linuxserver/lidarr
    container_name: lidarr
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ${MEDIA_DIRECTORY}/music:/music
      - ${MEDIA_DIRECTORY}/downloads:/downloads
      - ${INSTALL_DIRECTORY}/config/lidarr:/config
    ports:
      - 8686:8686
    restart: unless-stopped
    security_opt:
      - apparmor=unconfined

  # Readarr is used to query, add downloads to the download queue and index Audio and Ebooks
  # https://readarr.com/
  readarr:
    image: lscr.io/linuxserver/readarr:develop
    container_name: readarr
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ${MEDIA_DIRECTORY}/books:/books
      - ${MEDIA_DIRECTORY}/downloads:/downloads
      - ${INSTALL_DIRECTORY}/config/readarr:/config
    ports:
      - 8787:8787
    restart: unless-stopped
    security_opt:
      - apparmor=unconfined

  # Bazarr is used to download and categorize subtitles
  # https://www.bazarr.media/
  bazarr:
    image: lscr.io/linuxserver/bazarr
    container_name: bazarr
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ${MEDIA_DIRECTORY}/movies:/movies
      - ${MEDIA_DIRECTORY}/tvshows:/tv
      - ${INSTALL_DIRECTORY}/config/bazarr:/config
    ports:
      - 6767:6767
    restart: unless-stopped
    security_opt:
      - apparmor=unconfined

  # Prowlarr is our torrent indexer/searcher. Sonarr/Radarr use Prowlarr as a source
  # https://prowlarr.com/
  prowlarr:
    image: lscr.io/linuxserver/prowlarr
    container_name: prowlarr
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - ${INSTALL_DIRECTORY}/config/prowlarr:/config
    ports:
      - 9696:9696
    restart: unless-stopped

  # Gluetun is our VPN, so you can download torrents safely
  gluetun:
    image: qmcgaw/gluetun:v3
    container_name: gluetun
    cap_add:
      - NET_ADMIN
    devices:
      - /dev/net/tun:/dev/net/tun
    ports:
      - 8888:8888/tcp # HTTP proxy
      - 8388:8388/tcp # Shadowsocks
      - 8388:8388/udp # Shadowsocks
      - 8080:8080/tcp # gluetun
    volumes:
      - ${INSTALL_DIRECTORY}/config/gluetun:/config
    environment:
      - VPN_SERVICE_PROVIDER=${VPN_SERVICE}
      - VPN_TYPE=openvpn
      - OPENVPN_USER=${VPN_USER}
      - OPENVPN_PASSWORD=${VPN_PASSWORD}
      - OPENVPN_CIPHERS=AES-256-GCM
    restart: unless-stopped

  # Portainer helps debugging and monitors the containers
  portainer:
    image: portainer/portainer-ce
    container_name: portainer
    ports:
      - 9000:9000
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ${INSTALL_DIRECTORY}/config/portainer:/data
    restart: unless-stopped

  # Watchtower is going to keep our instances updated
  watchtower:
    image: containrrr/watchtower
    container_name: watchtower
    environment:
      - WATCHTOWER_CLEANUP=true
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    restart: unless-stopped

As you can see, I also manually changed the PUID and PGID as mentioned before, but that didn't help. I am more and more convinced that this is all related to "AppArmor" however, I don't understand why and what needs to be changed. But then also: I am not experienced with Linux and Docker at all, so... What do I know!?

EDIT:
I deactivated appamor with

Code: Select all

sudo systemctl stop apparmor
sudo systemctl disable apparmor

and restarted the containers with

Code: Select all

docker compose down
docker compose up -d

in /opt/yams. However, that didn't change anything about being able to add the "/movies" folder, so I tried starting the containers with

Code: Select all

sudo docker compose up

and now I was actually able to add the "/movies" folder. I ran

Code: Select all

sudo chmod -R 777 /mnt/nas1/media

and when restarting the containers with

Code: Select all

docker compose up # no "sudo" here

I was finally able to add the /movies folder without any issues.

I am terribly sorry for this post. I was 100 % certain I ran that command multiple times before but must have run it incorrectly or something... Anyway, now it's working.

Thanks again for your quick response and this awesome piece of tech!

How can I mark this issue as "solved"? Maybe there are others that run into this issue and also missed changing the write permission on their newly created folder...

[rogs]

Oh, that makes sense now! Maybe you need to add your media user to the sudo group! Anyways, I'm glad it was solved for you! Thank you for your extremely detailed descriptions!

I'll mark the issue as "solved"