[GH-ISSUE #1258] Question: shell commands passed in to Docker-Compose archivebox are getting executed as root and failing #2282

Closed
opened 2026-03-01 17:57:54 +03:00 by kerem · 2 comments
Owner

Originally created by @Brancliff on GitHub (Oct 29, 2023).
Original GitHub issue: https://github.com/ArchiveBox/ArchiveBox/issues/1258

I'm sorta new to this sort of thing, but I thought if you wanted to run these containers as root, you'd say something like "privileged: true" in the docker-compose or something. I didn't, but I'm still getting errors trying to spin this up.

Here's my docker-compose:

version: '3.3'
services:
  archivebox:
    image: ${DOCKER_IMAGE:-archivebox/archivebox:dev}
    command: server --quick-init 0.0.0.0:8000
    ports:
    - 8000:8000
    volumes:
    - /share/CE_CACHEDEV1_DATA/Library/Containers/ArchiveBox:/data

And here's the error I get when trying to make a new user:

root@f0fb2b38ca59:/data# archivebox manage createsuperuser
find: ‘/root/.config/chromium/Crash Reports/pending/’: No such file or directory
[i] [2023-10-29 08:29:22] ArchiveBox v0.6.3: archivebox manage createsuperuser
    > /data

[!] ArchiveBox should never be run as root!
    For more information, see the security overview documentation:
        https://github.com/ArchiveBox/ArchiveBox/wiki/Security-Overview#do-not-run-as-root
root@f0fb2b38ca59:/data# 

I mean, I can understand that these commands start with root@something, I just don't know what I need to put in my docker-compose to not do that

Originally created by @Brancliff on GitHub (Oct 29, 2023). Original GitHub issue: https://github.com/ArchiveBox/ArchiveBox/issues/1258 I'm sorta new to this sort of thing, but I thought if you wanted to run these containers as root, you'd say something like "privileged: true" in the docker-compose or something. I didn't, but I'm still getting errors trying to spin this up. Here's my docker-compose: ``` version: '3.3' services: archivebox: image: ${DOCKER_IMAGE:-archivebox/archivebox:dev} command: server --quick-init 0.0.0.0:8000 ports: - 8000:8000 volumes: - /share/CE_CACHEDEV1_DATA/Library/Containers/ArchiveBox:/data ``` And here's the error I get when trying to make a new user: ``` root@f0fb2b38ca59:/data# archivebox manage createsuperuser find: ‘/root/.config/chromium/Crash Reports/pending/’: No such file or directory [i] [2023-10-29 08:29:22] ArchiveBox v0.6.3: archivebox manage createsuperuser > /data [!] ArchiveBox should never be run as root! For more information, see the security overview documentation: https://github.com/ArchiveBox/ArchiveBox/wiki/Security-Overview#do-not-run-as-root root@f0fb2b38ca59:/data# ``` I mean, I can understand that these commands start with root@something, I just don't know what I need to put in my docker-compose to **not** do that
kerem closed this issue 2026-03-01 17:57:54 +03:00
Author
Owner

@pirate commented on GitHub (Oct 30, 2023):

How are you entering the docker shell to run archivebox manage createsuperuser?

The container is not running as root the way you have it configured, however you must be using some special method of getting to the bash shell that runs the shell process as root, as that's not what normally happens.
Make sure you're running docker compose run archivebox manage createsuperuser, it takes care of changing the user for you.

docker compose exec ... or any other command that would drop you into a root shell is not supported, but if you only have one of those methods available you can run su archivebox within the shell to switch to the archivebox user.

<!-- gh-comment-id:1785864956 --> @pirate commented on GitHub (Oct 30, 2023): How are you entering the docker shell to run `archivebox manage createsuperuser`? The container is not running as root the way you have it configured, however you must be using some special method of getting to the bash shell that runs the shell process as root, as that's not what normally happens. Make sure you're running `docker compose run archivebox manage createsuperuser`, it takes care of changing the user for you. `docker compose exec ...` or any other command that would drop you into a root shell is not supported, but if you only have one of those methods available you can run `su archivebox` within the shell to switch to the archivebox user.
Author
Owner

@pirate commented on GitHub (Jan 19, 2024):

Closing as stale.

For future reference make sure all archivebox commands are run with docker compose run archivebox ... not docker compose exec archivebox. There is a new warning in v0.7.2 that shows if it's run the wrong way by mistake.

<!-- gh-comment-id:1899908528 --> @pirate commented on GitHub (Jan 19, 2024): Closing as stale. For future reference make sure all archivebox commands are run with `docker compose run archivebox ...` not `docker compose exec archivebox`. There is a new warning in v0.7.2 that shows if it's run the wrong way by mistake.
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/ArchiveBox#2282
No description provided.