My current setup is as follow
Ixora carrier board v1.2
Apalis iMX8QM v1.1
I am trying to build a python app. The app writes a file to disk. I have noticed strange behavior in debug and release modes of the application.
When I run the app in debug mode, the app folder which i call “file-write” is owned by torizon when I log into the docker container. This means it has correct permissions for python program to write a file to disk.
Here is a sample output.
When I run the same file in release mode, file-write folder has root permissions and the app gets a permission denied error when it tries to write to disk.
I’ll ask the Dockerfile release and the folder ownership questions to the IDE extension team and I’ll reply to you as soon as I have an answer on their side.
You can change the ownership of the project folder by going in the extension configurations and adding this value to property targetfiles:
RUN chown -R torizon:torizon /file-write
After this, rebuild the container by pressing:
F1 → Torizon: Build release container for the application
thanks for your reply. is it targetfiles or targetcommands?
It should be targetfiles. One thing I forgot to mention is that this property should only be applied to release, as it breaks the debug build. You can check how to apply a property only to a specific type of build here: Systemd service management on Torizon - #17 by lucas_a.tx. However, I have a possible better solution than using this property, see below.
I’ve talked to the extension team and here’s what I got:
The /setup.sh debug and /cleanup.sh debug lines present on Dockerfile.release are indeed not intentional and should be corrected in a future update. Thank you for reporting this!
The difference in ownership is due to how the Docker image is built for each type:
On debug the project directory (in your case /file-write) is a bind mount; VSCode first copies it to your SoM (specifically to the $HOME directory) then runs the container with argument --volume. If the extension is accessing the SoM via SSH as torizon, then this user will be the owner of the folder.
On release the project directory is part of the Docker image as it is copied to the image when building it with docker build. Given that in Dockerfile.release the copy occurs before defining a user, the default owner is root.
With this difference in mind I’d recommend creating a new bind mount in volumes and write all your files there instead of using the app folder, as this alternative should work without problems on both debug and release builds. If you do this the owner of the bind mount will be torizon if the extension is accessing the SoM with this user, which is usually the case.
Just letting you know that the permission issue has been fixed in the latest early access version of our extension: Toradex Torizon Support (Early Access).