[BUG] s6-overlay /run permission / ownership issue #372

Open
1 task done
sparagus opened this issue Jan 6, 2025 · 1 comment

sparagus commented Jan 6, 2025

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

As of 1.0.20210914-r4-ls62, container can't start if docker is using a user namespace, even though userns_mode is set to "host".

s6-overlay seems to not be able to set correct permissions/ownership to /run.

Reverting to 1.0.20210914-r4-ls61 fixes the issue.

I've encountered this problem with several linuxserver.io containers. Is this type of setup not supported anymore?

Expected Behavior

Container should start.

Steps To Reproduce

  1. Change docker environment to run in user namespace.
  2. Start container using userns_mode: "host"

Environment

- OS: Debian 12
- How docker service was installed:
standard docker installation for Debian (https://docs.docker.com/engine/install/debian/) followed by editing /etc/docker/daemon.json to enable user namespace

{
  "userns-remap": "default"
}

CPU architecture

x86-64

Docker creation

services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:1.0.20210914-r4-ls62
    userns_mode: "host"
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE #optional
    environment:
      - PUID=5000
      - PGID=5000
      - TZ=Europe/Berlin
    volumes:
      - ./config:/config
    ports:
      - 51821:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped

Container logs

s6-overlay-suexec: warning: real uid is 0 while effective uid is 493216; setting everything to 0; check s6-overlay-suexec permissions

/package/admin/s6-overlay/libexec/preinit: fatal: /run belongs to uid 493216 instead of 0 and we're lacking the privileges to fix it.

s6-overlay-suexec: fatal: child failed with exit code 100
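
A triage helper for the log lines above, added here as an example (not code from the reporter or from s6-overlay): it extracts the uid mismatches from the two s6-overlay messages and checks whether the offending uid falls inside a subordinate-uid range of the kind Docker's userns-remap uses. The `/etc/subuid` line, the `dockremap` range and all function names are assumptions constructed for the example; the real range on the reporter's host is not on the page.

```python
import re

# The two s6-overlay messages quoted in the issue's container logs.
SUEXEC_RE = re.compile(r"s6-overlay-suexec: warning: real uid is (\d+) while effective uid is (\d+)")
PREINIT_RE = re.compile(r"preinit: fatal: (\S+) belongs to uid (\d+) instead of (\d+)")

# Log lines copied from the issue.
SAMPLE_LOG = """\
s6-overlay-suexec: warning: real uid is 0 while effective uid is 493216; setting everything to 0; check s6-overlay-suexec permissions
/package/admin/s6-overlay/libexec/preinit: fatal: /run belongs to uid 493216 instead of 0 and we're lacking the privileges to fix it.
s6-overlay-suexec: fatal: child failed with exit code 100
"""

# Constructed /etc/subuid content (format name:start:count); an assumption, not from the page.
SAMPLE_SUBUID = "dockremap:493216:65536\n"

def parse_subuid(text):
    """Parse /etc/subuid lines into (name, first_uid, count) tuples."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            name, start, count = line.split(":")
            entries.append((name, int(start), int(count)))
    return entries

def remap_of(uid, entries):
    """Return (entry name, uid inside the remapped namespace), or None if unmapped."""
    for name, start, count in entries:
        if start <= uid < start + count:
            return name, uid - start
    return None

def triage(log_text, subuid_text):
    """Return (source, path, seen_uid, expected_uid, remap) for each mismatch in the log."""
    entries = parse_subuid(subuid_text)
    findings = []
    for line in log_text.splitlines():
        if m := SUEXEC_RE.search(line):
            uid = int(m.group(2))
            findings.append(("suexec", None, uid, int(m.group(1)), remap_of(uid, entries)))
        elif m := PREINIT_RE.search(line):
            uid = int(m.group(2))
            findings.append(("preinit", m.group(1), uid, int(m.group(3)), remap_of(uid, entries)))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG, SAMPLE_SUBUID):
        print(finding)
```

To use it on a real host, pass the container's log output and the contents of the host's `/etc/subuid` to `triage`; a remap result with in-namespace uid 0 means the file owner is the remapped root user.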

github-actions bot commented Jan 6, 2025

Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
