Envbox UID Remapping Breaks FSx Permissions
Hello,
We’ve deployed Coder on EKS, using FSx Lustre for shared storage. For quite some time, our setup worked fine with the default Coder user (
uid=1000), and all workspaces mounted the FSx volumes without permission issues.
However, after introducing Envbox, we’ve run into significant problems when trying to mix Envbox and non-Envbox workspaces. Envbox doesn’t preserve the uid=1000—it remaps and uses uid=101000 instead. This causes permissions on FSx to change whenever an Envbox workspace is created, breaking access for the other workspaces.
We tried modifying the Envbox userns-remap setting in the image (changing it from "userns-remap": "coder" to "userns-remap": "disabled") in hopes of forcing it to use uid=1000, but unfortunately we couldn’t get that change to propagate properly through the workspace startup.
If anyone has suggestions on alternative ways to enforce uid=1000 in Envbox-based workspaces—or to otherwise prevent it from remapping and changing FSx permissions—we’d love to hear them.
Thanks!4 Replies
What are you creating this issue for?
hey, updating you on this, the last weeks have been very busy for me, and this week will be too so there is a lot of backlog that has built up so I apologize for the delay!
If no one else from the team has had the time to figure this out I should be able to catch up
with all open issues by next week EOW, I will try to leave an answer, even if it is an "i don't know" just so you know we're looking at this!
thanks for your understanding :-)
hey! this took longer than i thought! very sorry!
were you able to get this sorted?
@Adrian since this issue is stale, I will close it, but feel free to reopen it!
@Phorcys closed the thread.