Skip to content

fix: pass LANDO_HOST_xID vars to initOnly services#2764

Open
sjinks wants to merge 1 commit intotrunkfrom
pltfrm-2054-jetpack-waf-conflicts-with-lde
Open

fix: pass LANDO_HOST_xID vars to initOnly services#2764
sjinks wants to merge 1 commit intotrunkfrom
pltfrm-2054-jetpack-waf-conflicts-with-lde

Conversation

@sjinks
Copy link
Member

@sjinks sjinks commented Mar 9, 2026
edited
Loading

Description

This PR solves the issue with permissions like this:

demo-app-code-1   | 2026-03-09T04:55:00.570754117Z userperms 04:55:00.DEBUG ==> Lando ENVVARS set at
demo-app-code-1   | 2026-03-09T04:55:00.571069728Z userperms 04:55:00.DEBUG ==> 
demo-app-code-1   | 2026-03-09T04:55:00.571370967Z userperms 04:55:00.DEBUG ==> ========================================
demo-app-code-1   | 2026-03-09T04:55:00.571669105Z userperms 04:55:00.DEBUG ==> LANDO_WEBROOT_USER      : www-data
demo-app-code-1   | 2026-03-09T04:55:00.571979118Z userperms 04:55:00.DEBUG ==> LANDO_WEBROOT_GROUP     : www-data
demo-app-code-1   | 2026-03-09T04:55:00.572291281Z userperms 04:55:00.DEBUG ==> LANDO_WEBROOT_UID       : 33
demo-app-code-1   | 2026-03-09T04:55:00.572573118Z userperms 04:55:00.DEBUG ==> LANDO_WEBROOT_GID       : 33
demo-app-code-1   | 2026-03-09T04:55:00.572830574Z userperms 04:55:00.DEBUG ==> LANDO_HOST_UID          : 
demo-app-code-1   | 2026-03-09T04:55:00.573062930Z userperms 04:55:00.DEBUG ==> LANDO_HOST_GID          : 
demo-app-code-1   | 2026-03-09T04:55:00.573321436Z userperms 04:55:00.DEBUG ==> ========================================
demo-app-code-1   | 2026-03-09T04:55:00.573571590Z userperms 04:55:00.DEBUG ==> 
demo-app-code-1   | 2026-03-09T04:55:00.573830754Z userperms 04:55:00.INFO  ==> Making sure correct user:group (www-data:www-data) exists...
demo-app-code-1   | 2026-03-09T04:55:00.575058175Z /helpers/user-perms.sh: line 37: chsh: not found
demo-app-code-1   | 2026-03-09T04:55:00.575260206Z userperms 04:55:00.INFO  ==> Remapping ownership to handle docker volume sharing...
demo-app-code-1   | 2026-03-09T04:55:00.575511096Z userperms 04:55:00.INFO  ==> Resetting www-data:www-data from 33:33 to :
demo-app-code-1   | 2026-03-09T04:55:00.645239061Z id: unknown user www-data
demo-app-code-1   | 2026-03-09T04:55:00.645824548Z userperms 04:55:00.WARN  ==> Looks like host/container user mapping was not possible! aborting...

Changelog Description

Fixed

  • Directory permissions issues for initOnly containers

Pull request checklist

New release checklist

Steps to Test

Wuth this PR applied, the permission sweep must succeed:

demo-app-code-1   | 2026-03-09T05:04:18.995652607Z userperms 05:04:18.DEBUG ==> 
demo-app-code-1   | 2026-03-09T05:04:18.996315084Z userperms 05:04:18.DEBUG ==> ========================================
demo-app-code-1   | 2026-03-09T05:04:18.996922112Z userperms 05:04:18.DEBUG ==> LANDO_WEBROOT_USER      : www-data
demo-app-code-1   | 2026-03-09T05:04:18.997428898Z userperms 05:04:18.DEBUG ==> LANDO_WEBROOT_GROUP     : www-data
demo-app-code-1   | 2026-03-09T05:04:18.997966425Z userperms 05:04:18.DEBUG ==> LANDO_WEBROOT_UID       : 33
demo-app-code-1   | 2026-03-09T05:04:18.998504933Z userperms 05:04:18.DEBUG ==> LANDO_WEBROOT_GID       : 33
demo-app-code-1   | 2026-03-09T05:04:18.998984127Z userperms 05:04:18.DEBUG ==> LANDO_HOST_UID          : 1000
demo-app-code-1   | 2026-03-09T05:04:18.999415869Z userperms 05:04:18.DEBUG ==> LANDO_HOST_GID          : 1000
demo-app-code-1   | 2026-03-09T05:04:18.999862878Z userperms 05:04:18.DEBUG ==> ========================================
demo-app-code-1   | 2026-03-09T05:04:19.000291236Z userperms 05:04:19.DEBUG ==> 
demo-app-code-1   | 2026-03-09T05:04:19.000711925Z userperms 05:04:19.INFO  ==> Making sure correct user:group (www-data:www-data) exists...
demo-app-code-1   | 2026-03-09T05:04:19.002180411Z /helpers/user-perms.sh: line 37: chsh: not found
demo-app-code-1   | 2026-03-09T05:04:19.002478686Z userperms 05:04:19.INFO  ==> Remapping ownership to handle docker volume sharing...
demo-app-code-1   | 2026-03-09T05:04:19.002834302Z userperms 05:04:19.INFO  ==> Resetting www-data:www-data from 33:33 to 1000:1000
demo-app-code-1   | 2026-03-09T05:04:19.203239598Z userperms 05:04:19.INFO  ==> www-data:www-data is now running as uid=1000(www-data) gid=1000(www-data) groups=1000(www-data)!

The issues with missing chsh or getent will be addressed in Automattic/lando-cli

@sjinks sjinks self-assigned this Mar 9, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Mar 9, 2026

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 9, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sjinks sjinks requested a review from Copilot March 9, 2026 05:10
Copilot AI reviewed Mar 9, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR addresses local dev environment permission failures for initOnly containers by ensuring host UID/GID information is available to those services during initialization, preventing empty LANDO_HOST_UID/LANDO_HOST_GID values and the resulting user/group remapping errors.

Changes:

  • Bump the local dev environment version to trigger updates for existing environments.
  • Pass LANDO_HOST_UID/LANDO_HOST_GID into initOnly services in the Lando template so permission scripts can correctly map users/groups.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
src/lib/constants/dev-environment.ts Bumps DEV_ENVIRONMENT_VERSION to 2.3.3 to roll forward local env updates.
assets/dev-env.lando.template.yml.ejs Injects LANDO_HOST_UID/LANDO_HOST_GID into relevant initOnly services to fix permissions remapping.

@sjinks sjinks requested a review from a team March 9, 2026 05:51
@sjinks sjinks mentioned this pull request Mar 9, 2026
Open
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@sjinks sjinks

Labels

[Status] Needs Review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sjinks