[GH-ISSUE #3242] Since version 24.3, Cloudbeaver running into permissions issues when starting in AWS Kubernetes #1181

New issue

Closed

opened 2026-03-07 21:00:39 +03:00 by kerem · 0 comments

kerem commented

2026-03-07 21:00:39 +03:00

Owner

Originally created by @matherton21 on GitHub (Feb 6, 2025).
Original GitHub issue: https://github.com/dbeaver/cloudbeaver/issues/3242

Describe the bug
Since version 24.3, Cloudbeaver now has issues when running in certain kubernetes environments

The issue is related to the changes to the startup script for the container on this commit

https://github.com/dbeaver/cloudbeaver/pull/3087/files#diff-d523c634b73e4d716137582ef8c446f5dc3123ee6d46196dca0996497d02eda0

After the container launches on kubernetes the following logs are output

chown: changing ownership of '/opt/cloudbeaver/server/p2/org.eclipse.equinox.p2.core': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/server/p2': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/server': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/conf/initial-data.conf': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/conf/cloudbeaver.conf': Read-only file system chown: changing ownership of '/opt/cloudbeaver/conf/logback.xml': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/conf/initial-data-sources.conf': Read-only file system chown: changing ownership of '/opt/cloudbeaver/conf/product.conf': Read-only file system chown: changing ownership of '/opt/cloudbeaver/conf': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/run-server.sh': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/samples': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/launch-product.sh': Operation not permitted chown: changing ownership of '/opt/cloudbeaver': Operation not permitted su: cannot set groups: Operation not permitted

the read only file system errors will be due to mounts which is fine but not sure about the rest

I suspect this might be related to security context limitations but we have some limits on what we can change due to us running on AWS EKS Fargate which requires things like allowPrivilegeEscalation being set to false

Environment

Running the docker image on AWS EKS kubernetes environment, using their serverless EKS fargate managed service for running the pods.

Originally created by @matherton21 on GitHub (Feb 6, 2025). Original GitHub issue: https://github.com/dbeaver/cloudbeaver/issues/3242 **Describe the bug** Since version 24.3, Cloudbeaver now has issues when running in certain kubernetes environments The issue is related to the changes to the startup script for the container on this commit https://github.com/dbeaver/cloudbeaver/pull/3087/files#diff-d523c634b73e4d716137582ef8c446f5dc3123ee6d46196dca0996497d02eda0 After the container launches on kubernetes the following logs are output <ive snipped the rest of the log as its very similar but all looks like this> chown: changing ownership of '/opt/cloudbeaver/server/p2/org.eclipse.equinox.p2.core': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/server/p2': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/server': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/conf/initial-data.conf': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/conf/cloudbeaver.conf': Read-only file system chown: changing ownership of '/opt/cloudbeaver/conf/logback.xml': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/conf/initial-data-sources.conf': Read-only file system chown: changing ownership of '/opt/cloudbeaver/conf/product.conf': Read-only file system chown: changing ownership of '/opt/cloudbeaver/conf': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/run-server.sh': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/samples': Operation not permitted chown: changing ownership of '/opt/cloudbeaver/launch-product.sh': Operation not permitted chown: changing ownership of '/opt/cloudbeaver': Operation not permitted su: cannot set groups: Operation not permitted the read only file system errors will be due to mounts which is fine but not sure about the rest I suspect this might be related to security context limitations but we have some limits on what we can change due to us running on AWS EKS Fargate which requires things like allowPrivilegeEscalation being set to false Environment - Running the docker image on AWS EKS kubernetes environment, using their serverless EKS fargate managed service for running the pods.