Node-RED Deploy failed with EACCES:permission denied

General
1

Hi, have a new problem that creaped up with Projects, after deploying the project, and on Deploying a change, I get:

Node-RED Deploy failed: 
{"error";"EACCES","message", "EACCES:permission denied,   
rename '/data/projects/master/flows.json' ->   
 '/data/projects/master/flows.json.backup'"}

And here is the server logfile:

11 Jun 22:39:14 - [warn] Error saving flows: EACCES: permission denied, rename '/data/projects/master/flows.json' -> '/data/projects/master/.flows.json.backup'
11 Jun 22:39:14 - [warn] Error: EACCES: permission denied, rename '/data/projects/master/flows.json' -> '/data/projects/master/.flows.json.backup'
    at Object.fs.renameSync (fs.js:714:3)
    at Object.writeFile (/usr/src/iotp/node_modules/node-red/red/runtime/storage/localfilesystem/util.js:84:20)
    at Object.saveFlows (/usr/src/iotp/node_modules/node-red/red/runtime/storage/localfilesystem/projects/index.js:558:17)
    at /usr/src/iotp/node_modules/node-red/red/runtime/storage/index.js:95:38
    at tryCatchReject (/usr/src/iotp/node_modules/when/lib/makePromise.js:845:30)
    at runContinuation1 (/usr/src/iotp/node_modules/when/lib/makePromise.js:804:4)
    at Fulfilled.when (/usr/src/iotp/node_modules/when/lib/makePromise.js:592:4)
    at ContinuationTask.run (/usr/src/iotp/node_modules/when/lib/makePromise.js:702:24)
    at Scheduler._drain (/usr/src/iotp/node_modules/when/lib/Scheduler.js:62:19)
    at Scheduler.drain (/usr/src/iotp/node_modules/when/lib/Scheduler.js:27:9)
    at process._tickCallback (internal/process/next_tick.js:61:11)

I assume the Node-RED server does not think it has access to that folder, but it seams it has. Any ideas where to look?

Btw, the Node-Red server is a Docker instance, my own creation.
The Docker instance runs the code in /usr/src/iotp this is mapped in volumes.

2

I imagine it is not so much that the server thinks it does not have access, but that it actually does not have access. Are you sure the user running node-red has write access to that folder and file?

4

Thank you Colin, yes, you are correct, I create my RPi with Ansible, created a new host, and forgot to bring the user details accross which my templates use to create the user, as consequence the user did not have the right permissions. Apologies !

5

I may be being obtuse, but how in the world would I even go about checking this? I'm trying to bind-mount a directory on my host (/opt/appdata/nodered/data:/data), but the official node-red-docker Dockerfile appears to create its own user "node-red". How in the world am I supposed to make it possible for the container to copy things into that directory? Every answer I find has a vague reference to "user that node-red is running as". I guess I don't know what that means. I run the docker-compose as root and set PUID and GUID both as 1000, what more can I do?

6

Took me a while to solve it.

7

See the dockerfile (I build them with Ansible) - but you will get the idea of how to solve the uid problem.