actions
Error: File was unable to be removed Error: EACCES: permission denied, rmdir '/opt/actions-runner/_work/...
When I run checout second+ times I have error like this on the title on my ubuntu self-hosted runner. A config is very simple like
on:
push:
branches: [ "production", "developing" ]
pull_request:
branches: [ "production", "developing" ]
workflow_dispatch:
env:
IMAGE_NAME: ${{ github.repository }}
jobs:
testing:
runs-on: self-hosted
permissions:
contents: write
steps:
- uses: actions/checkout@v4
- uses: hoverkraft-tech/[email protected]
with:
up-flags: "--build"
- name: testing
run: "docker compose exec app pytest"
...
This command can help, but just once. After on the next running of job I see the same errors:
sudo chmod -R u+w /opt/actions-runner/_work/
sudo chown -R <username>:<group> /opt/actions-runner/_work/
@seniordev-ca Nothing better than this yet
This command can help, but just once. After on the next running of job I see the same errors:
sudo chmod -R u+w /opt/actions-runner/_work/ sudo chown -R
: /opt/actions-runner/_work/
We are facing the same issue on all GitHub managed runners since this morning.
Error: File was unable to be removed Error: EACCES: permission denied, unlink '/home/runner/work/<reponame>/<reponame>/pkg/mod/golang.org/x/telemetry/[email protected]/LICENSE'
A quick workaround for us was to disable the GOPROXY before the first checkout step as described here: https://github.com/golang/go/issues/67463#issuecomment-2120473780
- run: |
echo "GOPROXY=off" >> $GITHUB_ENV
I faced same issue. But the following code resolve this issue:
./svc.sh install root
sudo ./svc.sh start
(please uninstall existing service, first)
Having the same issue with Github cloud hosted runners and custom docker images using ghcr.io registry.
jobs:
build:
runs-on: ubuntu-latest
container:
image: ghcr.io/${{ github.repository_owner }}/MY_CUSTOM_IMAGE:main
credentials:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
steps:
- uses: actions/[email protected]
Is producing the following output
/usr/bin/docker exec 9c1ef0722b50a35be011c94cd4b11613abd66de932815320787efe6a556b42ec sh -c "cat /etc/*release | grep ^ID"
node:fs:2346
return binding.writeFileUtf8(
^
Error: EACCES: permission denied, open '/__w/_temp/_runner_file_commands/save_state_67a1c14a-d0a9-4347-a4e9-91d95775aead'
at Object.writeFileSync (node:fs:2346:20)
at Object.appendFileSync (node:fs:2427:6)
at Object.issueFileCommand (/__w/_actions/actions/checkout/v4.1.0/dist/index.js:2967:8)
at Object.saveState (/__w/_actions/actions/checkout/v4.1.0/dist/index.js:2884:31)
at 8647 (/__w/_actions/actions/checkout/v4.1.0/dist/index.js:2343:10)
at __nccwpck_require__ (/__w/_actions/actions/checkout/v4.1.0/dist/index.js:[18](https://github.com/###REDACTED###/actions/runs/10448856273/job/28973868656#step:3:19)273:43)
at 2565 (/__w/_actions/actions/checkout/v4.1.0/dist/index.js:146:34)
at __nccwpck_require__ (/__w/_actions/actions/checkout/v4.1.0/dist/index.js:18273:43)
at 9[21](https://github.com/###REDACTED###/actions/runs/10448856273/job/28973868656#step:3:22)0 (/__w/_actions/actions/checkout/v4.1.0/dist/index.js:1144:36)
at __nccwpck_require__ (/__w/_actions/actions/checkout/v4.1.0/dist/index.js:18273:43) {
errno: -13,
code: 'EACCES',
syscall: 'open',
path: '/__w/_temp/_runner_file_commands/save_state_67a1c14a-d0a9-4347-a4e9-91d95775aead'
}
Also getting this issue. I'm using this workaround with some success.
- uses: actions/checkout@v4
with:
path: ${{ github.sha }}
Also getting this issue. I'm using this workaround with some success.
- uses: actions/checkout@v4 with: path: ${{ github.sha }}
This worked for one of our pipelines that had two jobs running on a single self hosted server runner. The first job always succeeded but the second job would fail until we added path: ${{ github.sha }}
Also getting this issue. I'm using this workaround with some success.
- uses: actions/checkout@v4 with: path: ${{ github.sha }}This worked for one of our pipelines that had two jobs running on a single self hosted server runner. The first job always succeeded but the second job would fail until we added
path: ${{ github.sha }}
Not working for me: https://github.com/Health-RI/ckanext-dcat/actions/runs/11841455363
I found the problem, at least what it looks like on our end. The build couldn't get rid of some golang build files, and I looked in the directory that couldn't be gotten rid of. Look what I found:
total 128K
dr-xr-xr-x 19 github github 4.0K Dec 23 20:48 .
drwxr-xr-x 8 github github 4.0K Dec 23 20:48 ..
dr-xr-xr-x 2 github github 4.0K Dec 23 20:48 cases
dr-xr-xr-x 3 github github 4.0K Dec 23 20:48 cmd
-r--r--r-- 1 github github 21 Dec 23 20:48 codereview.cfg
dr-xr-xr-x 4 github github 4.0K Dec 23 20:48 collate
-r--r--r-- 1 github github 913 Dec 23 20:48 CONTRIBUTING.md
dr-xr-xr-x 2 github github 4.0K Dec 23 20:48 currency
dr-xr-xr-x 2 github github 4.0K Dec 23 20:48 date
-r--r--r-- 1 github github 653 Dec 23 20:48 doc.go
dr-xr-xr-x 12 github github 4.0K Dec 23 20:48 encoding
dr-xr-xr-x 3 github github 4.0K Dec 23 20:48 feature
-r--r--r-- 1 github github 8.8K Dec 23 20:48 gen.go
-r--r--r-- 1 github github 345 Dec 23 20:48 .gitattributes
-r--r--r-- 1 github github 206 Dec 23 20:48 .gitignore
-r--r--r-- 1 github github 220 Dec 23 20:48 go.mod
-r--r--r-- 1 github github 523 Dec 23 20:48 go.sum
dr-xr-xr-x 16 github github 4.0K Dec 23 20:48 internal
dr-xr-xr-x 4 github github 4.0K Dec 23 20:48 language
-r--r--r-- 1 github github 1.5K Dec 23 20:48 LICENSE
dr-xr-xr-x 4 github github 4.0K Dec 23 20:48 message
dr-xr-xr-x 2 github github 4.0K Dec 23 20:48 number
-r--r--r-- 1 github github 1.3K Dec 23 20:48 PATENTS
-r--r--r-- 1 github github 3.0K Dec 23 20:48 README.md
dr-xr-xr-x 2 github github 4.0K Dec 23 20:48 runes
dr-xr-xr-x 2 github github 4.0K Dec 23 20:48 search
dr-xr-xr-x 4 github github 4.0K Dec 23 20:48 secure
dr-xr-xr-x 2 github github 4.0K Dec 23 20:48 transform
dr-xr-xr-x 7 github github 4.0K Dec 23 20:48 unicode
dr-xr-xr-x 2 github github 4.0K Dec 23 20:48 width
The files all have github as their owner, which is correct, but they are a lot of them marked -r--r--r--, which disallows the build from removing the file.
The solution (workaround) is to add this build step before checkout:
- name: https://github.com/actions/checkout/issues/1720
run: |
chmod -R u+rwX .
Perhaps you guys might add a chmod option to fix?
Some people might experience in self hosted runners that the writing of GitHub runner temp folders (anything under _work) that is done whilst using docker containers might not match what the runner can have access to.
This could occur because a mismatch of what user docker is associated with and the user of the GitHub runner.
The solution would be to just make sure that both users can access the same resources.
For example, If you're running docker with --priviledge access, make sure your GitHub runner service is running as root.
I am curious how many people get this error when running directly on the host compared to running in a container?
The only way I have been able to resolve this issue when installing the service as non-root was to:
- Add the actions-runner user to the Docker group.
- Update /etc/subuid and /etc/subgid to map the actions-runner UID and GID correctly.
- Configure Docker’s daemon to use user namespace remapping with the actions-runner user.
I am curious how many people get this error when running directly on the host compared to running in a container?
We get this issue when running 20+ runners on a host WITHOUT docker in my org...
apt install -y acl
setfacl -R -d -m u:ACTIONS_USER:rwx /home/ACTIONS_USER
Getting the EACCES error as well and tried this on Ubuntu 24.04, it seems to have worked? This command makes sure that any file created in the self-hosted runner's home directory will be rwx-able by the actions user.
Let me know if I missed anything
