I am trying to have a single daemon run as the ipfs:ipfs user and have other users access it. I tried adding my users to the ipfs group, but I keep getting permission denied errors:
chymera@neurohost ~ $ ipfs get Qmep2QrM7L7ditXcjKArVPkvmMtVNAh4p5KSPBBS8usr1X
Error: error loading plugins: open /var/lib/ipfs/.ipfs/config: permission denied
chymera@neurohost ~ $ ls -lah /var/lib/ipfs/.ipfs/
total 36K
drwxr-xr-x 5 ipfs ipfs 4.0K Apr 13 18:55 .
drwxrwxr-x 3 ipfs ipfs 4.0K Apr 13 18:05 ..
-rw-r--r-- 1 ipfs ipfs 23 Apr 13 18:51 api
drwxr-xr-x 7 ipfs ipfs 4.0K Apr 13 18:51 blocks
-rw------- 1 ipfs ipfs 3.7K Apr 13 18:00 config
drwxr-xr-x 2 ipfs ipfs 4.0K Apr 13 18:56 datastore
-rw------- 1 ipfs ipfs 190 Apr 13 18:00 datastore_spec
drwx------ 2 ipfs ipfs 4.0K Apr 13 18:00 keystore
-rw-r--r-- 1 ipfs ipfs 0 Apr 13 18:51 repo.lock
-rw-r--r-- 1 ipfs ipfs 3 Apr 13 18:00 version
The issue is probably that the config does not have group read permissions.
Interestingly, the config documentation says this file shouldn’t even be accessed if the daemon is running ( go-ipfs/config.md at master · ipfs/go-ipfs · GitHub ) but somehow it is.
I thought perhaps I need to connect to the daemon more explicitly, and the only thing I could find pertaining to that is the --api
flag, which does not seem to do anything either:
chymera@neurohost ~ $ ipfs --api=/ip4/127.0.0.1/tcp/5001 get Qmep2QrM7L7ditXcjKArVPkvmMtVNAh4p5KSPBBS8usr1X
Error: error loading plugins: open /var/lib/ipfs/.ipfs/config: permission denied
Any ideas what could be going on here?