[GH-ISSUE #1276] Bug: "ArchiveBox should never be run as root" error after updating docker-compose.yml #782

New issue

Closed

opened 2026-03-01 14:46:15 +03:00 by kerem · 3 comments

kerem commented 2026-03-01 14:46:15 +03:00

Owner

Copy link

Originally created by @yesezra on GitHub (Nov 24, 2023).
Original GitHub issue: https://github.com/ArchiveBox/ArchiveBox/issues/1276

Hello! New ArchiveBox user here. I'm somewhat new to Docker as well so apologies if I'm missing something obvious.

Describe the bug

After installing the app using the recommended docker compose method on macOS, I have been continually getting the following error after editing my docker-compose.yml file.

[!] ArchiveBox should never be run as root!
I'm trying to work through the steps here to use a Chrome/Chromium profile, and I just can't figure out what I'm doing wrong. Unfortunately this seems to break my install every time so I'm having a very difficult time troubleshooting.

Steps to reproduce

1. Remove all existing Archivebox docker images/containers via the GUI.
2. Install using the docker compose method:

mkdir ~/archivebox && cd ~/archivebox
curl -O 'https://raw.githubusercontent.com/ArchiveBox/ArchiveBox/dev/docker-compose.yml'
docker compose run archivebox init --setup

3. Wait for installation to complete and configure a custom username, email, and password.
4. Run the web interface

docker compose up

5. Visit localhost:8000 and verify that the web interface is functional.
6. Hit Ctrl+C in the terminal to stop the webserver
7. in docker-compose.yml, add the following line under environment:

- CHROME_BINARY='/Applications/Google Chrome.app/Contents/MacOS/Google Chrome'

8. Restart the webserver with docker compose up and note error:

% docker compose up
[+] Building 0.0s (0/0)                                                                                                                                      docker:desktop-linux
[+] Running 1/0
 ✔ Container archivebox-archivebox-1  Recreated                                                                                                                              0.0s
Attaching to archivebox-archivebox-1
archivebox-archivebox-1  | chown: cannot access '/browsers/*': No such file or directory
archivebox-archivebox-1  | [i] [2023-11-24 04:02:38] ArchiveBox v0.7.1+editable: archivebox server --quick-init 0.0.0.0:8000
archivebox-archivebox-1  |     > /data
archivebox-archivebox-1  |
archivebox-archivebox-1  | [!] ArchiveBox should never be run as root!
archivebox-archivebox-1  |     For more information, see the security overview documentation:
archivebox-archivebox-1  |         https://github.com/ArchiveBox/ArchiveBox/wiki/Security-Overview#do-not-run-as-root
archivebox-archivebox-1 exited with code 2

9. Remove the line added in step 7 from docker-compose.yml.
10. Attempt to start again with docker compose up and note that the same error exists:

% docker compose up
[+] Building 0.0s (0/0)                                                                                                                                      docker:desktop-linux
[+] Running 1/0
 ✔ Container archivebox-archivebox-1  Created                                                                                                                                0.0s
Attaching to archivebox-archivebox-1
archivebox-archivebox-1  | chown: cannot access '/browsers/*': No such file or directory
archivebox-archivebox-1  | [i] [2023-11-24 04:09:00] ArchiveBox v0.7.1+editable: archivebox server --quick-init 0.0.0.0:8000
archivebox-archivebox-1  |     > /data
archivebox-archivebox-1  |
archivebox-archivebox-1  | [!] ArchiveBox should never be run as root!
archivebox-archivebox-1  |     For more information, see the security overview documentation:
archivebox-archivebox-1  |         https://github.com/ArchiveBox/ArchiveBox/wiki/Security-Overview#do-not-run-as-root
archivebox-archivebox-1 exited with code 2

Screenshots or log output

Included as part of the above steps.

ArchiveBox version

% docker compose run archivebox version
[+] Building 0.0s (0/0)                                                                                                                                      docker:desktop-linux
[+] Building 0.0s (0/0)                                                                                                                                      docker:desktop-linux
chown: cannot access '/browsers/*': No such file or directory
0.7.1+editable
ArchiveBox v0.7.1+editable Cpython Linux Linux-6.4.16-linuxkit-aarch64-with-glibc2.36 aarch64
DEBUG=False IN_DOCKER=True IN_QEMU=False IS_TTY=True TZ=UTC FS_ATOMIC=True FS_REMOTE=True FS_USER=0:0 FS_PERMS=644 SEARCH_BACKEND=ripgrep

[i] Dependency versions:
 √  PYTHON_BINARY         v3.11.6         valid     /usr/local/bin/python3.11
 √  SQLITE_BINARY         v2.6.0          valid     /usr/local/lib/python3.11/sqlite3/dbapi2.py
 √  DJANGO_BINARY         v3.1.14         valid     /usr/local/lib/python3.11/site-packages/django/__init__.py
 √  ARCHIVEBOX_BINARY     v0.7.1          valid     /usr/local/bin/archivebox

 √  CURL_BINARY           v8.4.0          valid     /usr/bin/curl
 √  WGET_BINARY           v1.21.3         valid     /usr/bin/wget
 √  NODE_BINARY           v21.1.0         valid     /usr/bin/node
 √  SINGLEFILE_BINARY     v1.1.18         valid     /app/node_modules/single-file-cli/single-file
 √  READABILITY_BINARY    v0.0.9          valid     /app/node_modules/readability-extractor/readability-extractor
 √  MERCURY_BINARY        v1.0.0          valid     /app/node_modules/@postlight/parser/cli.js
 √  GIT_BINARY            v2.39.2         valid     /usr/bin/git
 √  YOUTUBEDL_BINARY      v2023.10.13     valid     /usr/local/bin/yt-dlp
 √  CHROME_BINARY         v119.0.6045.9   valid     /usr/bin/chromium-browser
 √  RIPGREP_BINARY        v13.0.0         valid     /usr/bin/rg

[i] Source-code locations:
 √  PACKAGE_DIR           24 files        valid     /app/archivebox
 √  TEMPLATES_DIR         4 files         valid     /app/archivebox/templates
 -  CUSTOM_TEMPLATES_DIR  -               disabled  None

[i] Secrets locations:
 -  CHROME_USER_DATA_DIR  -               disabled  None
 -  COOKIES_FILE          -               disabled  None

[i] Data locations:
 √  OUTPUT_DIR            8 files @       valid     /data
 √  SOURCES_DIR           1 files         valid     ./sources
 √  LOGS_DIR              1 files         valid     ./logs
 √  ARCHIVE_DIR           1 files         valid     ./archive
 √  CONFIG_FILE           81.0 Bytes      valid     ./ArchiveBox.conf
 √  SQL_INDEX             212.0 KB        valid     ./index.sqlite3

Many thanks for your help and please let me know if I can clarify anything here!

Originally created by @yesezra on GitHub (Nov 24, 2023). Original GitHub issue: https://github.com/ArchiveBox/ArchiveBox/issues/1276 Hello! New ArchiveBox user here. I'm somewhat new to Docker as well so apologies if I'm missing something obvious. #### Describe the bug After installing the app using the recommended docker compose method on macOS, I have been continually getting the following error after editing my docker-compose.yml file. > ``[!] ArchiveBox should never be run as root!`` I'm trying to work through the steps [here](https://github.com/ArchiveBox/ArchiveBox/wiki/Chromium-Install#setting-up-a-chromium-user-profile) to use a Chrome/Chromium profile, and I just can't figure out what I'm doing wrong. Unfortunately this seems to break my install every time so I'm having a very difficult time troubleshooting. #### Steps to reproduce 1. Remove all existing Archivebox docker images/containers via the GUI. 2. Install using the docker compose method: ``` mkdir ~/archivebox && cd ~/archivebox curl -O 'https://raw.githubusercontent.com/ArchiveBox/ArchiveBox/dev/docker-compose.yml' docker compose run archivebox init --setup ``` 3. Wait for installation to complete and configure a custom username, email, and password. 4. Run the web interface ``` docker compose up ``` 5. Visit localhost:8000 and verify that the web interface is functional. 6. Hit `Ctrl+C` in the terminal to stop the webserver 7. in docker-compose.yml, add the following line under `environment:` ``` - CHROME_BINARY='/Applications/Google Chrome.app/Contents/MacOS/Google Chrome' ``` 8. Restart the webserver with `docker compose up` and note error: ```logs % docker compose up [+] Building 0.0s (0/0) docker:desktop-linux [+] Running 1/0 ✔ Container archivebox-archivebox-1 Recreated 0.0s Attaching to archivebox-archivebox-1 archivebox-archivebox-1 | chown: cannot access '/browsers/*': No such file or directory archivebox-archivebox-1 | [i] [2023-11-24 04:02:38] ArchiveBox v0.7.1+editable: archivebox server --quick-init 0.0.0.0:8000 archivebox-archivebox-1 | > /data archivebox-archivebox-1 | archivebox-archivebox-1 | [!] ArchiveBox should never be run as root! archivebox-archivebox-1 | For more information, see the security overview documentation: archivebox-archivebox-1 | https://github.com/ArchiveBox/ArchiveBox/wiki/Security-Overview#do-not-run-as-root archivebox-archivebox-1 exited with code 2 ``` 9. Remove the line added in step 7 from docker-compose.yml. 10. Attempt to start again with `docker compose up` and note that the same error exists: ```logs % docker compose up [+] Building 0.0s (0/0) docker:desktop-linux [+] Running 1/0 ✔ Container archivebox-archivebox-1 Created 0.0s Attaching to archivebox-archivebox-1 archivebox-archivebox-1 | chown: cannot access '/browsers/*': No such file or directory archivebox-archivebox-1 | [i] [2023-11-24 04:09:00] ArchiveBox v0.7.1+editable: archivebox server --quick-init 0.0.0.0:8000 archivebox-archivebox-1 | > /data archivebox-archivebox-1 | archivebox-archivebox-1 | [!] ArchiveBox should never be run as root! archivebox-archivebox-1 | For more information, see the security overview documentation: archivebox-archivebox-1 | https://github.com/ArchiveBox/ArchiveBox/wiki/Security-Overview#do-not-run-as-root archivebox-archivebox-1 exited with code 2 ``` #### Screenshots or log output Included as part of the above steps. #### ArchiveBox version <!-- Run the `archivebox version` command locally then copy paste the result here: --> ```logs % docker compose run archivebox version [+] Building 0.0s (0/0) docker:desktop-linux [+] Building 0.0s (0/0) docker:desktop-linux chown: cannot access '/browsers/*': No such file or directory 0.7.1+editable ArchiveBox v0.7.1+editable Cpython Linux Linux-6.4.16-linuxkit-aarch64-with-glibc2.36 aarch64 DEBUG=False IN_DOCKER=True IN_QEMU=False IS_TTY=True TZ=UTC FS_ATOMIC=True FS_REMOTE=True FS_USER=0:0 FS_PERMS=644 SEARCH_BACKEND=ripgrep [i] Dependency versions: √ PYTHON_BINARY v3.11.6 valid /usr/local/bin/python3.11 √ SQLITE_BINARY v2.6.0 valid /usr/local/lib/python3.11/sqlite3/dbapi2.py √ DJANGO_BINARY v3.1.14 valid /usr/local/lib/python3.11/site-packages/django/__init__.py √ ARCHIVEBOX_BINARY v0.7.1 valid /usr/local/bin/archivebox √ CURL_BINARY v8.4.0 valid /usr/bin/curl √ WGET_BINARY v1.21.3 valid /usr/bin/wget √ NODE_BINARY v21.1.0 valid /usr/bin/node √ SINGLEFILE_BINARY v1.1.18 valid /app/node_modules/single-file-cli/single-file √ READABILITY_BINARY v0.0.9 valid /app/node_modules/readability-extractor/readability-extractor √ MERCURY_BINARY v1.0.0 valid /app/node_modules/@postlight/parser/cli.js √ GIT_BINARY v2.39.2 valid /usr/bin/git √ YOUTUBEDL_BINARY v2023.10.13 valid /usr/local/bin/yt-dlp √ CHROME_BINARY v119.0.6045.9 valid /usr/bin/chromium-browser √ RIPGREP_BINARY v13.0.0 valid /usr/bin/rg [i] Source-code locations: √ PACKAGE_DIR 24 files valid /app/archivebox √ TEMPLATES_DIR 4 files valid /app/archivebox/templates - CUSTOM_TEMPLATES_DIR - disabled None [i] Secrets locations: - CHROME_USER_DATA_DIR - disabled None - COOKIES_FILE - disabled None [i] Data locations: √ OUTPUT_DIR 8 files @ valid /data √ SOURCES_DIR 1 files valid ./sources √ LOGS_DIR 1 files valid ./logs √ ARCHIVE_DIR 1 files valid ./archive √ CONFIG_FILE 81.0 Bytes valid ./ArchiveBox.conf √ SQL_INDEX 212.0 KB valid ./index.sqlite3 ``` Many thanks for your help and please let me know if I can clarify anything here!

kerem closed this issue 2026-03-01 14:46:16 +03:00

kerem commented 2026-03-01 14:46:16 +03:00

Author

Owner

Copy link

@pirate commented on GitHub (Nov 24, 2023):

It's starting as root because the data folder is owned by root. I can add a check to avoid this edge case, but in the meantime can you try chown -R 901:901 data to see if changing the ownership of that folder fixes it.

<!-- gh-comment-id:1825612685 --> @pirate commented on GitHub (Nov 24, 2023): It's starting as root because the data folder is owned by root. I can add a check to avoid this edge case, but in the meantime can you try `chown -R 901:901 data` to see if changing the ownership of that folder fixes it.

kerem commented 2026-03-01 14:46:16 +03:00

Author

Owner

Copy link

@yesezra commented on GitHub (Nov 24, 2023):

Got it, thanks for that context!

Here's what happened with that chown:

% sudo chown -R 901:901 data
% docker compose up
[+] Building 0.0s (0/0)                                    docker:desktop-linux
[+] Running 1/1
 ✔ Container archivebox-archivebox-1  Recreated                            0.1s
Attaching to archivebox-archivebox-1
archivebox-archivebox-1  |     Change ./data to be owned by PUID=0 PGID=0 on the host and retry:
archivebox-archivebox-1  |
archivebox-archivebox-1  | [X] Error: archivebox user (PUID=0) is not able to write to your ./data dir.
archivebox-archivebox-1  |        $ chown -R 0:0 ./data
archivebox-archivebox-1  |
archivebox-archivebox-1  |     Configure the PUID & PGID environment variables to change the desired owner:
archivebox-archivebox-1  |        https://docs.linuxserver.io/general/understanding-puid-and-pgid
archivebox-archivebox-1  |
archivebox-archivebox-1 exited with code 1

As instructed, I tried chown -R 0:0 ./data

% sudo chown -R 0:0 ./data
% docker compose up
[+] Building 0.0s (0/0)                                                                                                                                      docker:desktop-linux
[+] Running 1/0
 ✔ Container archivebox-archivebox-1  Created                                                                                                                                0.0s
Attaching to archivebox-archivebox-1
archivebox-archivebox-1  |
archivebox-archivebox-1  | [X] Error: archivebox user (PUID=0) is not able to write to your ./data dir.
archivebox-archivebox-1  |        $ chown -R 0:0 ./data
archivebox-archivebox-1  |
archivebox-archivebox-1  |     Configure the PUID & PGID environment variables to change the desired owner:
archivebox-archivebox-1  |        https://docs.linuxserver.io/general/understanding-puid-and-pgid
archivebox-archivebox-1  |
archivebox-archivebox-1  |     Change ./data to be owned by PUID=0 PGID=0 on the host and retry:
archivebox-archivebox-1 exited with code 1

For context I'm on macOS 14.1.1. using the id command it appears that my user's uid is 501, and gid is 20 (staff). I tried those values as well and got the root error.

<!-- gh-comment-id:1825963791 --> @yesezra commented on GitHub (Nov 24, 2023): Got it, thanks for that context! Here's what happened with that chown: ```logs % sudo chown -R 901:901 data % docker compose up [+] Building 0.0s (0/0) docker:desktop-linux [+] Running 1/1 ✔ Container archivebox-archivebox-1 Recreated 0.1s Attaching to archivebox-archivebox-1 archivebox-archivebox-1 | Change ./data to be owned by PUID=0 PGID=0 on the host and retry: archivebox-archivebox-1 | archivebox-archivebox-1 | [X] Error: archivebox user (PUID=0) is not able to write to your ./data dir. archivebox-archivebox-1 | $ chown -R 0:0 ./data archivebox-archivebox-1 | archivebox-archivebox-1 | Configure the PUID & PGID environment variables to change the desired owner: archivebox-archivebox-1 | https://docs.linuxserver.io/general/understanding-puid-and-pgid archivebox-archivebox-1 | archivebox-archivebox-1 exited with code 1 ``` As instructed, I tried `chown -R 0:0 ./data` ```logs % sudo chown -R 0:0 ./data % docker compose up [+] Building 0.0s (0/0) docker:desktop-linux [+] Running 1/0 ✔ Container archivebox-archivebox-1 Created 0.0s Attaching to archivebox-archivebox-1 archivebox-archivebox-1 | archivebox-archivebox-1 | [X] Error: archivebox user (PUID=0) is not able to write to your ./data dir. archivebox-archivebox-1 | $ chown -R 0:0 ./data archivebox-archivebox-1 | archivebox-archivebox-1 | Configure the PUID & PGID environment variables to change the desired owner: archivebox-archivebox-1 | https://docs.linuxserver.io/general/understanding-puid-and-pgid archivebox-archivebox-1 | archivebox-archivebox-1 | Change ./data to be owned by PUID=0 PGID=0 on the host and retry: archivebox-archivebox-1 exited with code 1 ``` For context I'm on macOS 14.1.1. using the `id` command it appears that my user's uid is 501, and gid is 20 (staff). I tried those values as well and got the root error.

kerem commented 2026-03-01 14:46:16 +03:00

Author

Owner

Copy link

@pirate commented on GitHub (Dec 18, 2023):

I've updated the error messages to be clearer and added some hints for a few specific use cases, this should be fixed now.

Can you try with the latest :dev build https://github.com/ArchiveBox/ArchiveBox#install-and-run-a-specific-github-branch

Comment back here if you're still having issues and I'll reopen the ticket.

<!-- gh-comment-id:1859594761 --> @pirate commented on GitHub (Dec 18, 2023): I've updated the error messages to be clearer and added some hints for a few specific use cases, this should be fixed now. Can you try with the latest `:dev` build https://github.com/ArchiveBox/ArchiveBox#install-and-run-a-specific-github-branch Comment back here if you're still having issues and I'll reopen the ticket.

kerem referenced this issue 2026-03-01 17:55:26 +03:00

[GH-ISSUE #725] Pocket and Pinboard imports causing tags to be split incorrectly into individual characters w/ broken hyphenation #1969

kerem referenced this issue 2026-03-01 17:55:46 +03:00

[GH-ISSUE #782] Bug: tags parsed as individual characters from Pinboard export #2006

kerem referenced this issue 2026-03-14 23:07:25 +03:00

[GH-ISSUE #725] Pocket and Pinboard imports causing tags to be split incorrectly into individual characters w/ broken hyphenation #3479

kerem referenced this issue 2026-03-14 23:20:00 +03:00

[GH-ISSUE #782] Bug: tags parsed as individual characters from Pinboard export #3517

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

dev

main

abx-dl-refactor

claude/issue-1688-20251229-2233

claude/s3-support-migration-JZQcf

claude/review-snapshot-archive-RJOkr

claude/review-code-quality-macdO

claude/reduce-chrome-duplication-JgWVr

fix/chrome-args-comma-parsing

claude/issue-668-20251229-2145

claude/issue-1664-20251229-2236

v086

claude/improve-test-suite-xm6Bh

claude/typescript-archivebox-rewrite-011CUmPyEmECnkXwyHRT9RPF

claude/archivebox-schema-orm-comparison-011CUn26GurEpLiBUq4zjVLJ

stable

logfire

plugins-browsertrix

v072

link-removal2

v0.8.6rc1

v0.7.3

v0.8.6rc0

v0.8.5rc53

v0.8.5rc51

v0.8.5rc50

v0.8.5rc49

v0.8.5rc48

v0.8.5rc47

v0.8.5rc46

v0.8.5rc45

v0.8.5rc44

v0.8.5rc43

v0.8.5rc42

v0.8.5rc41

v0.8.5rc40

v0.8.5rc39

v0.8.5rc38

v0.8.5rc37

v0.8.5rc36

v0.8.5rc35

v0.8.5rc34

v0.8.5rc33

v0.8.5rc32

v0.8.5rc31

v0.8.5rc30

v0.8.5rc29

v0.8.5rc28

v0.8.5rc27

v0.8.5rc26

v0.8.5rc25

v0.8.5rc24

v0.8.5rc23

v0.8.5rc22

v0.8.5rc13

v0.8.5rc12

v0.8.5rc11

v0.8.5rc10

v0.8.5rc9

v0.8.5rc8

v0.8.5rc6

v0.8.5rc5

v0.8.5rc4

v0.8.5rc3

v0.8.5rc2

v0.8.5-rc

v0.8.4-rc

v0.8.3-rc

v0.8.2-rc

v0.8.0-rc

v0.7.2

v0.7.1

v0.7.0

v0.6.2

v0.6.0

v0.5.6

v0.5.4

v0.5.3

v0.4.24

v0.4.21

v0.4.20

v0.4.19

v0.4.18

v0.4.17

v0.4.16

v0.4.15

v0.4.14

v0.4.13

v0.4.12

v0.4.11

v0.4.9

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.0

v0.0.3

v0.0.2

v0.0.1

Labels

Clear labels   

expected: maybe someday

  

expected: next release

  

expected: release after next

  

expected: unlikely unless contributed

  

good first ticket

  

help wanted

  

pull-request

Mirrored from GitHub Pull Request

  

scope: all users

  

scope: windows users

  

size: easy

  

size: hard

  

size: medium

  

size: medium

  

status: backlog

  

status: blocked

  

status: done

  

status: idea-phase

  

status: needs followup

  

status: wip

  

status: wontfix

  

touches: API/CLI/Spec

  

touches: configuration

  

touches: data/schema/architecture

  

touches: dependencies/packaging

  

touches: docs

  

touches: js

  

touches: views/replayers/html/css

  

why: correctness

  

why: functionality

  

why: performance

  

why: security

No labels

expected: maybe someday

expected: next release

expected: release after next

expected: unlikely unless contributed

good first ticket

help wanted

pull-request

scope: all users

scope: windows users

size: easy

size: hard

size: medium

size: medium

status: backlog

status: blocked

status: done

status: idea-phase

status: needs followup

status: wip

status: wontfix

touches: API/CLI/Spec

touches: configuration

touches: data/schema/architecture

touches: dependencies/packaging

touches: docs

touches: js

touches: views/replayers/html/css

why: correctness

why: functionality

why: performance

why: security

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/ArchiveBox#782

No description provided.