Sqlite permission error running image in podman

I get the below error even though I’m running as host user 1000 and have .files/ and .db/ folder ownership as specified in docs. What could be causing this? Thanks in advance.

usr1@rpi3 vikunja]$ id
uid=1000(usr1) gid=10(wheel) groups=10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[usr1@rpi3 vikunja]$ podman --version
podman version 5.3.1
[usr1@rpi3 vikunja]$ podman images
REPOSITORY                 TAG         IMAGE ID      CREATED      SIZE
docker.io/vikunja/vikunja  latest      c6d11cd3bf3d  12 days ago  89.3 MB
[usr1@rpi3 vikunja]$ ls -lR
.:
total 12
-rw-r--r--. 1 usr1 wheel  737 Jan  3 00:34 compose.yaml
drwxr-xr-x. 2 usr1 wheel 4096 Jan  3 23:31 db
drwxr-xr-x. 2 usr1 wheel 4096 Jan  3 23:31 files

./db:
total 0

./files:
total 0
[usr1@rpi3 vikunja]$ podman run -p 3456:3456 -v $PWD/files:/app/vikunja/files -v $PWD/db:/db vikunja/vikunja2025-01-03T23:50:32Z: INFO      ▶ 001 No config file found, using default or config from environment variables.
2025-01-03T23:50:32Z: INFO      ▶ 002 Running migrations…
2025-01-03T23:50:32Z: CRITICAL  ▶ 003 Could not connect to db: could not open database file [uid=1000, gid=0]: open /db/vikunja.db: permission denied

What does your docker compose file look like?

Thank you for unlocking my account and taking the time to get back.

I have since resolved the permission issue above which was due to the following…

  1. SELinux (not uncommon when running with podman) requires security context/labels to be be applied when bind mounting host-dir volumes. This can be achieved by appending :Z to the volume declaration…
    volumes:
      - ./files:/app/vikunja/files:Z
      - ./db:/db:Z
    
  2. With rootless containers running as a non-root container user (i.e. uid: 1000) the host-dir volumes need to be owned by the host users subuid offset. This can achieve by running…
    $ podman unshare chown 1000 files db
    
    which results in…
    $ ls -lZ
    total 12
    -rw-r--r--. 1 usr1   usr1 unconfined_u:object_r:user_home_t:s0             756 Jan 20 22:09 compose.yaml
    drwxr-xr-x. 2 525287 usr1 system_u:object_r:container_file_t:s0:c150,c184 4096 Jan 20 23:01 db
    drwxr-xr-x. 2 525287 usr1 system_u:object_r:container_file_t:s0:c150,c184 4096 Jan  3 23:31 files
    
    

Hope this may be of use to others trying to use podman as a container runtime.

Thank you for creating this wonderful open source project!

Glad you figured it out! If you want, I’d happily take a contribution with your findings for the website: GitHub - go-vikunja/website: Official Vikunja Homepage