Permissions issue when mounting local folder

pieter · March 7, 2024, 9:55am

I’m experiencing a permissions issue where the locally mounted /home/jovyan/work is owned by jovyan:users when I run JupyterHub on my local machine but root:root when I run the same configuration on a server. I tried setting CHOWN_EXTRA but this has no effect:

import os

c = get_config()  # noqa: F821
c.JupyterHub.spawner_class = "dockerspawner.DockerSpawner"

c.DockerSpawner.image = os.environ["DOCKER_NOTEBOOK_IMAGE"]

network_name = os.environ["DOCKER_NETWORK_NAME"]
c.DockerSpawner.use_internal_ip = True
c.DockerSpawner.network_name = network_name

notebook_dir = os.environ.get("DOCKER_NOTEBOOK_DIR", "/home/jovyan/work")
c.DockerSpawner.notebook_dir = notebook_dir

c.DockerSpawner.environment = {
    "CHOWN_HOME": "yes",
    "CHOWN_EXTRA": "/home/jovyan",
    "CHOWN_EXTRA_OPTS": "-R",
    "NB_UID": 1000,
    "NB_GID": 100,
}

c.DockerSpawner.volumes = {
    os.environ.get("DOCKER_NOTEBOOK_VOLUME"): notebook_dir,
}

c.DockerSpawner.remove = True

c.DockerSpawner.debug = True

c.DockerSpawner.start_timeout = 180

c.JupyterHub.hub_ip = "jupyterhub"
c.JupyterHub.hub_port = 8080

c.JupyterHub.cookie_secret_file = "/data/jupyterhub_cookie_secret"
c.JupyterHub.db_url = "sqlite:////data/jupyterhub.sqlite"

c.JupyterHub.authenticator_class = "nativeauthenticator.NativeAuthenticator"

c.NativeAuthenticator.open_signup = True

admin = os.environ.get("JUPYTERHUB_ADMIN")
if admin:
    c.Authenticator.admin_users = [admin]

My compose file looks like this:

version: "3"

services:
  hub:
    build:
      context: .
      dockerfile: Dockerfile.jupyterhub
      args:
        JUPYTERHUB_VERSION: latest
    restart: always
    image: jupyterhub
    container_name: jupyterhub
    networks:
      - jupyterhub-network
    volumes:
      - "./jupyterhub_config.py:/srv/jupyterhub/jupyterhub_config.py:ro"
      - "/var/run/docker.sock:/var/run/docker.sock:rw"
      - "/data/jupyterhub-data/hub:/data"
    ports:
      - "8000:8000"
    environment:
      JUPYTERHUB_ADMIN: admin
      DOCKER_NETWORK_NAME: jupyterhub-network
      DOCKER_NOTEBOOK_IMAGE: quay.io/jupyter/minimal-notebook
      DOCKER_NOTEBOOK_DIR: /home/jovyan/work
      DOCKER_NOTEBOOK_VOLUME: /data/jupyterhub-data/jupyterhub-user-{username} # jupyterhub-user-{username}

networks:
  jupyterhub-network:
    name: jupyterhub-network

manics · March 7, 2024, 12:33pm

You need to start the singleuser container as root (UID 0), so that it has permissions to run chown:
https://jupyter-docker-stacks.readthedocs.io/en/latest/using/common.html#docker-options

https://jupyterhub-dockerspawner.readthedocs.io/en/latest/api/index.html#dockerspawner.DockerSpawner.extra_create_kwargs

c.DockerSpawner.extra_create_kwargs = {
    "user": 0
}

Topic		Replies	Views
PermissionError: [Errno 13] Permission denied: '/home/jovyan/.local' JupyterHub	0	444	May 28, 2024
Set /home/jovyan as read only for jovyan user JupyterLab jupyterlab , how-to	7	3251	November 26, 2021
Jupyter/base-notebook user permission issue JupyterHub community , release , communication , jupyterhub , how-to	14	13922	June 23, 2020
Altering Docker stacks to switch from the jovyan user/ set permissions, for Zero to Jupyterhub with Kubernetes JupyterHub jupyterhub , how-to	0	697	August 18, 2020
Custom Dockerimage for Jupyterhub on Kubernetes Zero to JupyterHub on Kubernetes jupyterhub , help-wanted , docker	6	3162	September 25, 2020

Permissions issue when mounting local folder

Related topics