Fix permission error accessing /run/secrets (#10097)

Checks that the service has read access to the directory before trying
to read it
This commit is contained in:
Andrew Jackson 2024-02-28 23:18:34 +00:00 committed by GitHub
parent 3bf2a496e1
commit a1424bad6c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 5 additions and 3 deletions

View File

@ -50,7 +50,7 @@ DEFAULT_TIME_FORMAT = "%m/%d/%Y %H:%M:%S"
FRIGATE_ENV_VARS = {k: v for k, v in os.environ.items() if k.startswith("FRIGATE_")}
# read docker secret files as env vars too
if os.path.isdir("/run/secrets"):
if os.path.isdir("/run/secrets") and os.access("/run/secrets", os.R_OK):
for secret_file in os.listdir("/run/secrets"):
if secret_file.startswith("FRIGATE_"):
FRIGATE_ENV_VARS[secret_file] = Path(

View File

@ -37,8 +37,10 @@ class PlusApi:
self.key = None
if PLUS_ENV_VAR in os.environ:
self.key = os.environ.get(PLUS_ENV_VAR)
elif os.path.isdir("/run/secrets") and PLUS_ENV_VAR in os.listdir(
"/run/secrets"
elif (
os.path.isdir("/run/secrets")
and os.access("/run/secrets", os.R_OK)
and PLUS_ENV_VAR in os.listdir("/run/secrets")
):
self.key = Path(os.path.join("/run/secrets", PLUS_ENV_VAR)).read_text()
# check for the addon options file