fixed issues with socket

AxisCommunications · Nov 9, 2023 · 3fd8713 · 3fd8713
1 parent 8c1b4c5
commit 3fd8713
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 24 deletions.
diff --git a/app/dockerdwrapperwithcompose.c b/app/dockerdwrapperwithcompose.c
@@ -430,17 +430,18 @@ start_dockerd(void)
   }
 
   if (use_ipc_socket) {
-    uid_t uid;
-    uid = getuid();
-    uid_t gid;
-    gid = getgid();
-    // The socket should reside in the user directory and have same group as
-    // user
+    // Get uid and gid 
+    uid_t uid = getuid();
+    //uid_t gid = getgid();
+
+    // The socket should reside in the user directory 
+    // TODO: Ideally we would want to set the group ownership here as well, with '--group',
+    // but this does not work as expected so for now we leave it as is (default docker)
+    // which will lead to the socket group ownership set to 'addon' and a warning message
+    // from dockerd
     args_offset += g_snprintf(args + args_offset,
                               args_len - args_offset,
-                              " %s %d %s%d%s",
-                              "--group",
-                              gid,
+                              " %s%d%s",
                               "-H unix:///var/run/user/",
                               uid,
                               "/docker.sock");
@@ -487,6 +488,7 @@ start_dockerd(void)
   free(use_sd_card_value);
   free(use_tls_value);
   free(use_ipc_socket_value);
+  free(use_verbose_value);
   g_clear_error(&error);
 
   return return_value;

diff --git a/app/postinstallscript.sh b/app/postinstallscript.sh
@@ -53,17 +53,7 @@ EOF
 
 # reload daemon for service file changes to take effect
 systemctl daemon-reload
-# *** non-root user should be able to do this ****
-
-# Move the daemon.json file into localdata folder
-if [ ! -e localdata/daemon.json ]
-then
-    mv empty_daemon.json localdata/daemon.json
-else
-    rm empty_daemon.json
-fi
 
-# TODO Are these paths correct for non-root?
 # Create docker symbolic link
 mkdir -p /usr/local/bin
 ln -s /usr/local/packages/dockerdwrapperwithcompose/docker /usr/local/bin/docker
@@ -73,8 +63,10 @@ mkdir -p /usr/local/lib/docker/cli-plugins
 ln -s /usr/local/packages/dockerdwrapperwithcompose/docker-compose /usr/local/lib/docker/cli-plugins/docker-compose
 
 # Create docker socket symbolic link
-ln -s /run/user/"$_uid"/docker.sock /var/run/docker.sock
-# Allow users in sdk group to access the socket
-# NOTE! This will not work for e.g ssh-users, but should work for other ACAP applications
-# provided they are part of the sdk group
-chgrp sdk /run/user/"$_uid"/docker.sock
+ln -s /var/run/user/"$_uid"/docker.sock /var/run/docker.sock
+
+# *** non-root user should be able to do this ****
+
+# Move the daemon.json file into localdata folder
+mv -n empty_daemon.json localdata/daemon.json
+rm -f empty_daemon.json