From 139a03c7743864476731e1d22c011b3af8bdad06 Mon Sep 17 00:00:00 2001
From: Claude
Date: Sun, 22 Mar 2026 07:39:34 +0000
Subject: [PATCH] Set XDG_RUNTIME_DIR before any podman call in non-login shells

Podman uses XDG_RUNTIME_DIR for its RunRoot, events dirs, and default socket path. Without it pointing to a writable location, podman fails with 'mkdir /run/user/: permission denied' even before the socket is created. Export it to /tmp/podman- when unset.

https://claude.ai/code/session_01FKCW3FDjNFj6jve4niMFXH
---
 infra/start.sh | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/infra/start.sh b/infra/start.sh
index 9dd3df3..91593d8 100755
--- a/infra/start.sh
+++ b/infra/start.sh
@@ -62,15 +62,19 @@ echo "[hiy] Generated proxy/caddy.json for ${DOMAIN_SUFFIX}"
 # ── Ensure Podman socket is active ────────────────────────────────────────────
 # systemctl --user requires a D-Bus session (not available in non-interactive
 # shells). Use podman system service directly instead.
-# /run/user/ is only created by PAM/logind during a real login session.
-# Fall back to /tmp when XDG_RUNTIME_DIR is not set.
-_SOCK_DIR="${XDG_RUNTIME_DIR:-/tmp/podman-$(id -u)}"
-PODMAN_SOCK="${_SOCK_DIR}/podman.sock"
+# /run/user/ is created by PAM/logind and doesn't exist in non-login
+# shells. Podman uses XDG_RUNTIME_DIR for RunRoot, events dirs, and the
+# default socket path, so we must set it to something writable before any
+# podman invocation.
+if [ -z "${XDG_RUNTIME_DIR:-}" ]; then
+ export XDG_RUNTIME_DIR="/tmp/podman-$(id -u)"
+ mkdir -p "$XDG_RUNTIME_DIR"
+fi
+PODMAN_SOCK="${XDG_RUNTIME_DIR}/podman.sock"
 export PODMAN_SOCK
 export DOCKER_HOST="unix://${PODMAN_SOCK}"
 if [ ! -S "$PODMAN_SOCK" ]; then
 echo "[hiy] Starting Podman socket via podman system service…"
- mkdir -p "$_SOCK_DIR"
 podman system service --time=0 "unix://${PODMAN_SOCK}" &
 # Wait up to 5 s for the socket to appear
 for i in 1 2 3 4 5; do
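Review bot: The fallback in the added `if` block trusts `/tmp/podman-$(id -u)` without checking who owns it: `mkdir -p` succeeds silently when the path already exists, so on a multi-user host a directory or symlink pre-created by another local user would end up holding Podman's RunRoot and the socket that `DOCKER_HOST` points at. The XDG Base Directory spec expects the runtime dir to be owned by the user with mode 0700, whereas plain `mkdir -p` applies the umask default. I would create it with `mkdir -p -m 0700 "$XDG_RUNTIME_DIR"` and then refuse to continue unless `[ -O "$XDG_RUNTIME_DIR" ] && [ ! -L "$XDG_RUNTIME_DIR" ]` holds (`-O` is not POSIX, so confirm it against the script's shebang, which is outside this hunk). The `if [ ! -S "$PODMAN_SOCK" ]` block that consumes the path continues past the end of the hunk.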