[PR #13] [MERGED] Fix Bun permissions issue in LXC container installer #100

New issue

Closed

opened 2026-02-27 15:55:08 +03:00 by kerem · 0 comments

kerem commented 2026-02-27 15:55:08 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/RayLabsHQ/gitea-mirror/pull/13
Author: @arunavo4
Created: 5/21/2025
Status: ✅ Merged
Merged: 5/22/2025
Merged by: @arunavo4

Base: main ← Head: fix-bun-permissions-in-lxc

---

📝 Commits (10+)

• c896194 Fix Bun permissions issue in LXC container installer
• 0cf95b2 Improve error handling and permission checks in LXC installer
• 161685b Add directory permission check before creating symlink in systemd service setup
• 32ef912 Remove sqlite3 dependency from package.json
• a15178d Implement health check API and update health check commands in Docker and Docker Compose
• 5bf52c8 Update README and add LXC deployment guide; enhance LXC installer scripts
• 1eae725 Update LXC deployment guide references and remove outdated documentation
• 1ab642c Update LXC deployment scripts: replace installer script with Proxmox-specific script and update README references
• 8b5c5d8 Update README to include event management scripts and LXC deployment details
• 9ccd656 Update documentation: revise architecture, configuration, and quick start guides to reflect new features and deployment options

📊 Changes

15 files changed (+804 additions, -361 deletions)

View changed files

📝 Dockerfile (+1 -1)
📝 README.md (+33 -13)
📝 bun.lock (+72 -19)
📝 docker-compose.homelab.yml (+1 -1)
📝 package.json (+0 -1)
📝 scripts/README-lxc.md (+93 -114)
📝 scripts/README.md (+72 -9)
➖ scripts/gitea-mirror-lxc-installer.sh (+0 -188)
➕ scripts/gitea-mirror-lxc-local.sh (+86 -0)
➕ scripts/gitea-mirror-lxc-proxmox.sh (+97 -0)
📝 src/content/docs/architecture.md (+28 -7)
📝 src/content/docs/configuration.md (+58 -3)
📝 src/content/docs/quickstart.md (+60 -5)
📝 src/lib/api.ts (+77 -0)
➕ src/pages/api/health.ts (+126 -0)

📄 Description

Problem

Closes #12
The LXC container installer script installs Bun to /root/.bun/bin/bun, but the systemd service runs as the gitea-mirror user. This causes a "Permission denied" error when the service tries to execute Bun, as the gitea-mirror user doesn't have access to files in the /root directory.

Error from logs:

May 21 16:14:25 gitteam-mirror systemd[1]: Started gitea-mirror.service - Gitea Mirror.
May 21 16:14:25 gitteam-mirror (bun)[2375]: gitea-mirror.service: Failed to execute /root/.bun/bin/bun: Permission denied
May 21 16:14:25 gitteam-mirror (bun)[2375]: gitea-mirror.service: Failed at step EXEC spawning /root/.bun/bin/bun: Permission denied
May 21 16:14:25 gitteam-mirror systemd[1]: gitea-mirror.service: Main process exited, code=exited, status=203/EXEC
May 21 16:14:25 gitteam-mirror systemd[1]: gitea-mirror.service: Failed with result 'exit-code'.

Solution

This PR fixes the issue by:

1. Creating a symlink to Bun in /usr/local/bin to make it accessible to all users
2. Using the global Bun path in the systemd service configuration
3. Adding proper permission checks and fixes for the Bun executable
4. Adding verification steps to ensure the service user can access Bun
5. Including a troubleshooting section in the installer output
6. Adding robust error handling to prevent silent failures
   • Checking if /usr/local/bin is writable before creating symlinks
   • Verifying symlink creation was successful
   • Using targeted permission changes instead of recursive chmod
7. Adding safety checks before modifying permissions on files and directories

Testing

To test this fix:

1. Create a fresh LXC container
2. Run the updated installer script:

   curl -fsSL https://raw.githubusercontent.com/arunavo4/gitea-mirror/fix-bun-permissions-in-lxc/scripts/gitea-mirror-lxc-installer.sh | bash
   

3. Verify that the service starts successfully:

   systemctl status gitea-mirror
   

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/RayLabsHQ/gitea-mirror/pull/13 **Author:** [@arunavo4](https://github.com/arunavo4) **Created:** 5/21/2025 **Status:** ✅ Merged **Merged:** 5/22/2025 **Merged by:** [@arunavo4](https://github.com/arunavo4) **Base:** `main` ← **Head:** `fix-bun-permissions-in-lxc` --- ### 📝 Commits (10+) - [`c896194`](https://github.com/RayLabsHQ/gitea-mirror/commit/c896194aebe42d90d1564589f6eaca497b3d2267) Fix Bun permissions issue in LXC container installer - [`0cf95b2`](https://github.com/RayLabsHQ/gitea-mirror/commit/0cf95b2a0ef7d4f76ffa951114889edc600f5e6b) Improve error handling and permission checks in LXC installer - [`161685b`](https://github.com/RayLabsHQ/gitea-mirror/commit/161685b966a50d735448694f30aa25baa4598bbe) Add directory permission check before creating symlink in systemd service setup - [`32ef912`](https://github.com/RayLabsHQ/gitea-mirror/commit/32ef9124a7936ef02d063fc087607205a6b45f7b) Remove sqlite3 dependency from package.json - [`a15178d`](https://github.com/RayLabsHQ/gitea-mirror/commit/a15178d2cd28a1116a2651846badfa154973c426) Implement health check API and update health check commands in Docker and Docker Compose - [`5bf52c8`](https://github.com/RayLabsHQ/gitea-mirror/commit/5bf52c806ff82255a0664f8c8e2a2ae8c6603113) Update README and add LXC deployment guide; enhance LXC installer scripts - [`1eae725`](https://github.com/RayLabsHQ/gitea-mirror/commit/1eae725535c738f2659cc33986dbc007fb1e88c0) Update LXC deployment guide references and remove outdated documentation - [`1ab642c`](https://github.com/RayLabsHQ/gitea-mirror/commit/1ab642c9e70fc72770c1d0379eeed73ca57e4edd) Update LXC deployment scripts: replace installer script with Proxmox-specific script and update README references - [`8b5c5d8`](https://github.com/RayLabsHQ/gitea-mirror/commit/8b5c5d8ed25f6d9b51b51f68109ad029019d8085) Update README to include event management scripts and LXC deployment details - [`9ccd656`](https://github.com/RayLabsHQ/gitea-mirror/commit/9ccd656734b9a605021e12bd6c0bf60128fb9c48) Update documentation: revise architecture, configuration, and quick start guides to reflect new features and deployment options ### 📊 Changes **15 files changed** (+804 additions, -361 deletions) <details> <summary>View changed files</summary> 📝 `Dockerfile` (+1 -1) 📝 `README.md` (+33 -13) 📝 `bun.lock` (+72 -19) 📝 `docker-compose.homelab.yml` (+1 -1) 📝 `package.json` (+0 -1) 📝 `scripts/README-lxc.md` (+93 -114) 📝 `scripts/README.md` (+72 -9) ➖ `scripts/gitea-mirror-lxc-installer.sh` (+0 -188) ➕ `scripts/gitea-mirror-lxc-local.sh` (+86 -0) ➕ `scripts/gitea-mirror-lxc-proxmox.sh` (+97 -0) 📝 `src/content/docs/architecture.md` (+28 -7) 📝 `src/content/docs/configuration.md` (+58 -3) 📝 `src/content/docs/quickstart.md` (+60 -5) 📝 `src/lib/api.ts` (+77 -0) ➕ `src/pages/api/health.ts` (+126 -0) </details> ### 📄 Description ## Problem Closes #12 The LXC container installer script installs Bun to `/root/.bun/bin/bun`, but the systemd service runs as the `gitea-mirror` user. This causes a "Permission denied" error when the service tries to execute Bun, as the `gitea-mirror` user doesn't have access to files in the `/root` directory. Error from logs: ``` May 21 16:14:25 gitteam-mirror systemd[1]: Started gitea-mirror.service - Gitea Mirror. May 21 16:14:25 gitteam-mirror (bun)[2375]: gitea-mirror.service: Failed to execute /root/.bun/bin/bun: Permission denied May 21 16:14:25 gitteam-mirror (bun)[2375]: gitea-mirror.service: Failed at step EXEC spawning /root/.bun/bin/bun: Permission denied May 21 16:14:25 gitteam-mirror systemd[1]: gitea-mirror.service: Main process exited, code=exited, status=203/EXEC May 21 16:14:25 gitteam-mirror systemd[1]: gitea-mirror.service: Failed with result 'exit-code'. ``` ## Solution This PR fixes the issue by: 1. Creating a symlink to Bun in `/usr/local/bin` to make it accessible to all users 2. Using the global Bun path in the systemd service configuration 3. Adding proper permission checks and fixes for the Bun executable 4. Adding verification steps to ensure the service user can access Bun 5. Including a troubleshooting section in the installer output 6. Adding robust error handling to prevent silent failures - Checking if `/usr/local/bin` is writable before creating symlinks - Verifying symlink creation was successful - Using targeted permission changes instead of recursive chmod 7. Adding safety checks before modifying permissions on files and directories ## Testing To test this fix: 1. Create a fresh LXC container 2. Run the updated installer script: ```bash curl -fsSL https://raw.githubusercontent.com/arunavo4/gitea-mirror/fix-bun-permissions-in-lxc/scripts/gitea-mirror-lxc-installer.sh | bash ``` 3. Verify that the service starts successfully: ```bash systemctl status gitea-mirror ``` --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-02-27 15:55:08 +03:00

• closed this issue
• added the
  pull-request
  label

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

fix/mirror-sync-bugs-262-263-264

v3.15.5

v3.15.4

v3.15.3

v3.15.2

v3.15.1

v3.15.0

v3.14.2

v3.14.1

v3.14.0

v3.13.4

v3.13.3

v3.13.2

v3.13.1

v3.13.0

v3.12.5

v3.12.4

v3.12.3

v3.12.2

v3.12.1

v3.12.0

v3.11.0

v3.10.1

v3.10.0

v3.9.6

v3.9.5

v3.9.4

v3.9.3

v3.9.2

v3.9.0

v3.8.11

v3.8.10

v3.8.9

v3.8.8

v3.8.7

v3.8.6

v3.8.5

v3.8.4

v3.8.3

v3.8.2

v3.8.1

v3.8.0

v3-sso

v3.7.2

v3.7.1

v3.7.0

v3.6.0

v3.5.4

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

v3.3.0

v3.2.6

v3.2.5

v3.2.4

v3.2.3

v3.2.2

v3.2.1

v3.2.0

v3.1.1

v3.1.0

v3.0.1

v3.0.0

v2.22.0

v2.21.0

v2.20.1

v2.20.0

v2.18.0

v2.17.0

v2.16.3

v2.16.2

v2.16.1

v2.16.0

v2.15.0

v2.14.0

v2.13.2

v2.13.1

v2.13.0

v2.12.0

v2.11.2

v2.11.1

v2.11.0

v2.10.0

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v2.8.0

v2.7.0

v2.6.0

v2.5.4

v2.5.3

v2.5.2

v2.5.1

v2.5.0

v2.1.0

v2.0.0

v1.0.0

Labels

Clear labels   

bug

  

documentation

  

enhancement

  

help wanted

  

pull-request

Mirrored from GitHub Pull Request

  

question

No labels

bug

documentation

enhancement

help wanted

pull-request

question

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/gitea-mirror#100

No description provided.