Envbox UID Remapping Breaks FSx Permissions
Hello,
We’ve deployed Coder on EKS, using FSx Lustre for shared storage. For quite some time, our setup worked fine with the default Coder user (
However, after introducing Envbox, we’ve run into significant problems when trying to mix Envbox and non-Envbox workspaces. Envbox doesn’t preserve the
We tried modifying the Envbox userns-remap setting in the image (changing it from
If anyone has suggestions on alternative ways to enforce
Thanks!
We’ve deployed Coder on EKS, using FSx Lustre for shared storage. For quite some time, our setup worked fine with the default Coder user (
uid=1000), and all workspaces mounted the FSx volumes without permission issues.However, after introducing Envbox, we’ve run into significant problems when trying to mix Envbox and non-Envbox workspaces. Envbox doesn’t preserve the
uid=1000—it remaps and uses uid=101000 instead. This causes permissions on FSx to change whenever an Envbox workspace is created, breaking access for the other workspaces.We tried modifying the Envbox userns-remap setting in the image (changing it from
"userns-remap": "coder" to "userns-remap": "disabled") in hopes of forcing it to use uid=1000, but unfortunately we couldn’t get that change to propagate properly through the workspace startup.If anyone has suggestions on alternative ways to enforce
uid=1000 in Envbox-based workspaces—or to otherwise prevent it from remapping and changing FSx permissions—we’d love to hear them.Thanks!
