Permission issues after migrating from Windows to Docker

Plex Media Server NAS & Devices
1

I am in the process of migrating my Plex server from Windows to Docker (hosted on a Synology NAS). I am using the official plexinc/pms-docker image in host mode. I followed the documentation for migrating my config files by zipping the Plex Media Server folder on my Windows machine, moving it to the NAS, and unzipping it in my mapped config directory. After I started up the Docker container for PMS, I am continually getting this error:

PMS: failure detected. Read/write access is required for path: /config/Library/Application Support/Plex Media Server

Some things I’ve noted:

  • I’m getting this same error even after moving my migrated config files away from the config folder on the NAS and allowing the Docker container to create the folders
  • I’ve tried changing ownership of the config folder and setting permissions so everyone can read/write it and all subfolders
  • My understanding is that the Docker container should be creating a plex user on the NAS to take ownership of the files/folders under config. I am not seeing any plex user within the NAS File Station UI. Furthermore, when the container creates the config directory, they are owned by the root user
  • I initially started the Docker container with the following command: sudo docker-compose up -d. Since this appears to be a permissions issue, I later started the container through the Docker UI on the NAS
  • Full path for my config directory: /Local/Docker/configs/pmscfg/Library/Application Support/Plex Media Server
  • The Docker container did successfully create a Preferences.xml file within the above path

Here is my docker-compose.yaml file for pms-docker:

version: '2'
services:
  plex:
    container_name: plex
    image: plexinc/pms-docker
    restart: unless-stopped
    environment:
      - TZ=America/New_York
      - PLEX_CLAIM=<removed>
    network_mode: host
    volumes:
      - /volume1/Local/Docker/configs/pmscfg:/config
      - /volume1/Local/Plex Transcode:/transcode
      - /volume1/Media/Movies:/movies
      - /volume1/Media/Anime/Movies:/anime-movies
      - /volume1/Media/TV Shows:/tv
      - /volume1/Media/Anime/TV Shows:/anime-tv
      - /volume1/Media/Music:/music

A larger snippet of the Docker container logs:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.

[s6-init] ensuring user provided files have correct perms...exited 0.

[fix-attrs.d] applying ownership & permissions fixes...

[fix-attrs.d] done.

[cont-init.d] executing container initialization scripts...

[cont-init.d] 40-plex-first-run: executing... 

Creating pref shell

Attempting to obtain server token from claim token

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

Plex Media Server first run setup complete

[cont-init.d] 40-plex-first-run: exited 0.

[cont-init.d] 45-plex-hw-transcode-and-connected-tuner: executing... 

[cont-init.d] 45-plex-hw-transcode-and-connected-tuner: exited 0.

[cont-init.d] 50-plex-update: executing... 

[cont-init.d] 50-plex-update: exited 0.

[cont-init.d] done.

[services.d] starting services

Starting Plex Media Server.

[services.d] done.

PMS: failure detected. Read/write access is required for path: /config/Library/Application Support/Plex Media Server

Stopping Plex Media Server.

kill: usage: kill [-s sigspec | -n signum | -sigspec] pid | jobspec ... or kill -l [sigspec]
2

I’ve gotten plexinc/pms-docker:plexpass working in a Docker container on my Synology (1019+ running DSM 7.1) with the help of ChuckPA. Chuck’s great and will probably chime in soon explaining all you need to know about those permissions. I’m sure once you get those correct things will work from either the Docker container or the locally installed PMS in Synology itself. Since getting the Docker container working for me also allowed me to use HW transcoding I see no need to go back to the locally installed PMS.

I did my Docker container via a docker run and didn’t use docker-compose. Here’s my script, perhaps it’ll help you:

Earth:cat /System/bin/plex
#!/bin/bash
docker_image=plexinc/pms-docker:plexpass

if [ "$1" = "-u" ]; then
  # Remove old image if exists and pull a new one
  image="$(docker images | grep -i plex | awk '{print $3}')"

  if [ "$image" != "" ]; then
    docker stop plex
    docker container rm plex
    docker image rm -f $image
    docker pull $docker_image
  fi

  # Recreate docker container for Plex
  #
  # Note: Getting the right UID/GID for Plex is important. Effectively you
  # want to run as the "plex" user.
  #
  # Also it's important to properly map volumes to your media. On my Plex
  # server media is kept in simply /Videos, /Pictures and Music. IOW that's
  # what you see as the beginning of you path when you do Get Info on a
  # media file in Plex. You may use something different.
  #
  # On Synology these file systems are under /volume1/Media. So the volume
  # mapping for me are to map /volume1/Media/Videos -> /Videos as that's
  # how Plex sees them. I also symlink /Videos -> /volume1/Media/Videos
  # when I access my Plex server through the command line using ssh.
  #
  # If you have hardware transcode capabilities you need the --device thing.
  # I don't know if this is similar on UnRAID.
  docker run \
    -d \
    --name plex \
    --network=host \
    -e TZ="America/Los_Angeles" \
    -e LANG="en_US.UTF-8" \
    -e PLEX_UID=297536 \
    -e PLEX_GID=297536 \
    -h Jupiter \
    -v /volume1/PlexMediaServer/AppData:"/config/Library/Application Support" \
    -v /volume1/PlexMediaServer/AppData/tmp:/tmp \
    -v /volume1/PlexMediaServer/AppData/tmp:/transcode \
    -v /volume1/Media/Videos:/Videos \
    -v /volume1/Media/Pictures:/Pictures \
    -v /volume1/Media/Music:/Music \
    --device=/dev/dri:/dev/dri \
    $docker_image

  # With the container created start plex
  docker start plex

  # This is needed to set the restart option
  docker update --restart=unless-stopped plex
fi
Earth:

One thing you definitely need to get right is the PLEX_UID/GID thing. Chuck has some way of running a task on the Synology to get the UID/GID, I just ssh into my Synology and grep /etc/passwd:

Jupiter:grep -i plexmediaserver /etc/passwd
PlexMediaServer:x:297536:297536::/var/packages/PlexMediaServer/home:/sbin/nologin
Jupiter:

I see you have volume mounts for config and transcode but lack one for tmp. Also, my config volume mount maps into not just /config but /config/Library/Application Support.

I find docker exec to be helpful in debugging things. Try docker exec -it plex bash (where “plex” here is your Docker container name). This’ll give you a shell inside your Docker container with which you can poke around. Notice this in my setup:

Jupiter:docker exec -it plex bash
root@Jupiter:/# grep -i plex /etc/passwd
plex:x:297536:297536::/config:/bin/false
root@Jupiter:/# exit
exit
Jupiter:

Notice that the UID and GID comports with the PLEX_UID/GID settings in my docker run above. You can also poke around doing things like ls -l to evaluate permissions issues, etc.

3

Thanks for the response!

  • Is the PLEX_UID/GID required? The documentation states its optional. Anyway I tried your command and got no response
  • I don’t see any reference to tmp in the documentation, what is that for?
4

I’m just telling you what Chuck told me and what worked for me. I would think that PLEX_UID may not be required but the user would have to have access to the files in order to work. By using PLEX_UID you are using the same UID in the docker container that you are using if you run Plex without Docker (IOW just installed it from Synology and ran it as an app on the Synology box itself). If you use something different then it’s possible that you could screw up the permissions on all your files under Plex.

It might make sense to install Plex on Synology using the Package Center first, get all your files over there and under Plex such that Plex works, and then try docker’ising it.

As for docker’ising it, do you have Docker installed on your Synology? (On the Synology run Package Center > search for Docker and install if necessary). If you have it installed then run the Docker app. I have many Docker containers running:

2022-06-08@13:55:02
2022-06-08@13:55:02765×653 50 KB

One of them is plex.

When you say you tried my command, what command exactly was that? The whole plex bash script? It should have output at least something. Is the plex Docker container listed in the Docker app?

What do you see from an ssh session on your Synology when you do something like docker container ls | grep? Does it list anything?

What happens if you run the docker run command by hand in an ssh session on the Synology?

Oh, BTW, what version of DSM are you running?

5

I don’t want to speak too soon yet but I was able to fix it (so far) by changing the ownership and giving read/write permissions to the config directory (and all subdirectories) to the plex user. It was important to do this to my migrated files (which were under the config directory. Keep in mind I had to do so from within the plex container.

This user was not visible outside of the Docker container, so I thought the container was not creating it.

6

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.