From iris-dev
Fixes IRIS Docker container startup crash on Linux caused by bind-mounted volume permissions (UID 51773 irisowner). Provides ACL, tmpfs, chown, and named volume solutions.
Slash command: /iris-dev:iris-linux-docker
ALL IRIS container editions run as UID 51773 (`irisowner`). On Linux, if you
bind-mount a host directory owned by UID 1000 (typical Linux user), the container
can read the volume but cannot write to it. IRIS needs write access at startup.
Symptom: the container exits immediately with:
    terminate called after throwing an instance of 'std::runtime_error'
    what(): Unable to find/open file iris-main.log in current directory /home/irisowner/dev
Affected: all IRIS editions on Linux (community, enterprise, irishealth, ai_hub, light).
Not affected: macOS (VirtioFS translates permissions transparently).
Source: READY 2026 hackathon (Anthony Master, careconnect team).
ACL: minimal footprint, no broad permission changes, new files inherit automatically:
    setfacl -R -m u:51773:rwX <repo-dir>
    setfacl -R -d -m u:51773:rwX <repo-dir>
The -d flag sets a default ACL, so new files and directories created inside inherit the rule.
Verify: getfacl <repo-dir>
If re-cloning: the new clone directory needs these commands re-run.
Add to your project Makefile or README setup steps.
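Added example (not part of the original skill or the project's code): a check that goes one step past eyeballing the getfacl output by applying the ACL mask, which a later chmod on the directory can shrink so that the u:51773 entry stops granting write. The function names are hypothetical, the input is assumed to be `getfacl -n` (numeric IDs) output, and the sample text is constructed.

```python
import subprocess

IRIS_UID = 51773  # irisowner UID, from the page

# Constructed, abridged `getfacl -n` output: ACL set, then `chmod 755` shrank the mask.
SAMPLE = """\
# owner: 1000
user::rwx
user:51773:rwx\t#effective:r-x
group::r-x
mask::r-x
other::r-x
default:user:51773:rwx
default:mask::rwx
"""

def parse_getfacl(text):
    """Return (owner, {"access": {...}, "default": {...}}) from `getfacl -n` text."""
    owner, acl = None, {"access": {}, "default": {}}
    for raw in text.splitlines():
        if raw.startswith("# owner:"):
            owner = raw.split(":", 1)[1].strip()
        line = raw.split("#", 1)[0].strip()  # drops headers and "#effective:" notes
        if not line:
            continue
        scope = "access"
        if line.startswith("default:"):
            scope, line = "default", line[len("default:"):]
        tag, qualifier, perms = line.split(":")
        acl[scope][(tag, qualifier)] = {c for c in perms if c in "rwx"}
    return owner, acl

def named_user_rights(entries, uid):
    """Named-user entry capped by the mask, or None if uid has no entry."""
    named = entries.get(("user", str(uid)))
    return None if named is None else named & entries.get(("mask", ""), set("rwx"))

def check_acl(text, uid=IRIS_UID):
    """access_ok: uid can create files now; default_ok: new files inherit write.
    Assumption: uid is in none of the listed groups, so group entries are skipped."""
    owner, acl = parse_getfacl(text)
    if owner == str(uid):
        rights = acl["access"].get(("user", ""), set())  # owner entry is unmasked
    else:
        rights = named_user_rights(acl["access"], uid)
        if rights is None:
            rights = acl["access"].get(("other", ""), set())
    inherited = named_user_rights(acl["default"], uid) or set()
    return {"access_ok": {"w", "x"} <= rights, "default_ok": "w" in inherited}
```

Feed check_acl the text printed by `getfacl -n <repo-dir>`; if access_ok or default_ok is False, re-run the matching setfacl command before starting the container.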
tmpfs mount (contents are held in memory and discarded when the container stops):
    # docker-compose.yml
    services:
      iris:
        volumes:
          - type: tmpfs
            target: /home/irisowner/dev
chown:
    sudo chown -R 51773:51773 <repo-dir>
Works, but gives irisowner ownership of your source files on the host.
Named volume:
    volumes:
      iris-data:
    services:
      iris:
        volumes:
          - iris-data:/home/irisowner/dev
Data persists in Docker's managed storage, with no host permission issues.
When using iris-devtester with a bind-mounted workspace on Linux:
    from iris_devtester import IRISContainer

    container = (
        IRISContainer("intersystemsdc/iris-community:latest")
        .with_name("myapp-iris")
        .with_bind_mount("/home/user/myproject", "/home/irisowner/dev")
        .start()
    )
    # If this fails on Linux with the iris-main.log error, run:
    #   setfacl -R -m u:51773:rwX /home/user/myproject
    #   setfacl -R -d -m u:51773:rwX /home/user/myproject

    # DO NOT do this on Linux without fixing permissions first:
    volumes:
      - ./:/home/irisowner/dev  # Will fail if host dir owned by uid 1000

npx claudepluginhub intersystems-community/iris-agentic-dev