[Bug]: Podman-deployed Hermes gives error

[woutercoppens]

Bug Description

The hermes agent tries to create /opt/hermes/.local folder and gets a permission denied error.

Steps to Reproduce

cat hermes.container (quadlet file)

vim: ft=systemd

[Unit]
Description=The Hermes Agent container
After=network-online.target
Requires=pgvector.service

[Service]
Restart=always

[Install]
WantedBy=default.target

[Container]
ContainerName=%N
HostName=%N

Image=docker.io/nousresearch/hermes-agent:latest
AutoUpdate=registry
Exec=gateway run

Network=mynet
PublishPort=8642:8642

Map host UID/GID to the same UID/GID inside the container

UserNS=keep-id

Run the container process as this user (matches the host user due to keep-id)

User=%U:%G

Volume=%h/containers/%N/data:/opt/data:z

Secret=discord-bot-token,type=env,target=DISCORD_BOT_TOKEN
Environment=HERMES_UID=%U
Environment=HERMES_GID=%G
EnvironmentFile=%h/containers/%N/%N.env

Timezone=Europe/Brussels

HealthCmd=CMD-SHELL /opt/hermes/.venv/bin/python3 -c "import requests; exit() if requests.get('http://localhost:8642/health').status_code == 200 else exit(1)"
HealthInterval=10s
HealthRetries=3
HealthStartPeriod=40s

Expected Behavior

It should be able to create the /opt/hermes/.local directory

Actual Behavior

: Traceback (most recent call last):
hermes[95434]: File "/usr/lib/python3.13/pathlib/_local.py", line 724, in mkdir
PermissionError: [Errno 13] Permission denied: '/opt/hermes/.local'

Affected Component

Setup / Installation

Messaging Platform (if gateway-related)

Discord

Debug Report

apr 27 14:09:51 aipc podman[95411]: 2026-04-27 14:09:51.536664004 +0200 CEST m=+0.128592785 container start 0b2239e3f29cb3192c786b3288b1a5852284688981d1c4ad490d91e5ddb9e55c (image=docker.i>
apr 27 14:09:51 aipc hermes[95411]: 0b2239e3f29cb3192c786b3288b1a5852284688981d1c4ad490d91e5ddb9e55c
apr 27 14:09:51 aipc hermes[95434]: Syncing bundled skills into ~/.hermes/skills/ ...
apr 27 14:09:51 aipc hermes[95434]:
apr 27 14:09:51 aipc hermes[95434]: Done: 0 new, 0 updated, 81 unchanged. 81 total bundled.
apr 27 14:09:52 aipc hermes[95434]: ┌─────────────────────────────────────────────────────────┐
apr 27 14:09:52 aipc hermes[95434]: │           ⚕ Hermes Gateway Starting...                 │
apr 27 14:09:52 aipc hermes[95434]: ├─────────────────────────────────────────────────────────┤
apr 27 14:09:52 aipc hermes[95434]: │  Messaging platforms + cron scheduler                    │
apr 27 14:09:52 aipc hermes[95434]: │  Press Ctrl+C to stop                                   │
apr 27 14:09:52 aipc hermes[95434]: └─────────────────────────────────────────────────────────┘
apr 27 14:09:52 aipc hermes[95434]:
apr 27 14:09:53 aipc hermes[95434]: ERROR gateway.platforms.discord: [Discord] Failed to connect to Discord: [Errno 13] Permission denied: '/opt/hermes/.local'
apr 27 14:09:53 aipc hermes[95434]: Traceback (most recent call last):
apr 27 14:09:53 aipc hermes[95434]:   File "/usr/lib/python3.13/pathlib/_local.py", line 724, in mkdir
apr 27 14:09:53 aipc hermes[95434]:     os.mkdir(self, mode)
apr 27 14:09:53 aipc hermes[95434]:     ~~~~~~~~^^^^^^^^^^^^
apr 27 14:09:53 aipc hermes[95434]: FileNotFoundError: [Errno 2] No such file or directory: '/opt/hermes/.local/state/hermes/gateway-locks'
apr 27 14:09:53 aipc hermes[95434]:
apr 27 14:09:53 aipc hermes[95434]: During handling of the above exception, another exception occurred:
apr 27 14:09:53 aipc hermes[95434]:
apr 27 14:09:53 aipc hermes[95434]: Traceback (most recent call last):
apr 27 14:09:53 aipc hermes[95434]:   File "/usr/lib/python3.13/pathlib/_local.py", line 724, in mkdir
apr 27 14:09:53 aipc hermes[95434]:     os.mkdir(self, mode)
apr 27 14:09:53 aipc hermes[95434]:     ~~~~~~~~^^^^^^^^^^^^
apr 27 14:09:53 aipc hermes[95434]: FileNotFoundError: [Errno 2] No such file or directory: '/opt/hermes/.local/state/hermes'
apr 27 14:09:53 aipc hermes[95434]:
apr 27 14:09:53 aipc hermes[95434]: During handling of the above exception, another exception occurred:
apr 27 14:09:53 aipc hermes[95434]:
apr 27 14:09:53 aipc hermes[95434]: Traceback (most recent call last):
apr 27 14:09:53 aipc hermes[95434]:   File "/usr/lib/python3.13/pathlib/_local.py", line 724, in mkdir
apr 27 14:09:53 aipc hermes[95434]:     os.mkdir(self, mode)
apr 27 14:09:53 aipc hermes[95434]:     ~~~~~~~~^^^^^^^^^^^^
apr 27 14:09:53 aipc hermes[95434]: FileNotFoundError: [Errno 2] No such file or directory: '/opt/hermes/.local/state'
apr 27 14:09:53 aipc hermes[95434]:
apr 27 14:09:53 aipc hermes[95434]: During handling of the above exception, another exception occurred:
apr 27 14:09:53 aipc hermes[95434]:
apr 27 14:09:53 aipc hermes[95434]: Traceback (most recent call last):
apr 27 14:09:53 aipc hermes[95434]:   File "/opt/hermes/gateway/platforms/discord.py", line 568, in connect
apr 27 14:09:53 aipc hermes[95434]:     if not self._acquire_platform_lock('discord-bot-token', self.config.token, 'Discord bot token'):
apr 27 14:09:53 aipc hermes[95434]:            ~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
apr 27 14:09:53 aipc hermes[95434]:   File "/opt/hermes/gateway/platforms/base.py", line 1227, in _acquire_platform_lock
apr 27 14:09:53 aipc hermes[95434]:     acquired, existing = acquire_scoped_lock(
apr 27 14:09:53 aipc hermes[95434]:                          ~~~~~~~~~~~~~~~~~~~^
apr 27 14:09:53 aipc hermes[95434]:         scope, identity, metadata={'platform': self.platform.value}
apr 27 14:09:53 aipc hermes[95434]:         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
apr 27 14:09:53 aipc hermes[95434]:     )
apr 27 14:09:53 aipc hermes[95434]:     ^
apr 27 14:09:53 aipc hermes[95434]:   File "/opt/hermes/gateway/status.py", line 471, in acquire_scoped_lock
apr 27 14:09:53 aipc hermes[95434]:     lock_path.parent.mkdir(parents=True, exist_ok=True)
apr 27 14:09:53 aipc hermes[95434]:     ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
apr 27 14:09:53 aipc hermes[95434]:   File "/usr/lib/python3.13/pathlib/_local.py", line 728, in mkdir
apr 27 14:09:53 aipc hermes[95434]:     self.parent.mkdir(parents=True, exist_ok=True)
apr 27 14:09:53 aipc hermes[95434]:     ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
apr 27 14:09:53 aipc hermes[95434]:   File "/usr/lib/python3.13/pathlib/_local.py", line 728, in mkdir
apr 27 14:09:53 aipc hermes[95434]:     self.parent.mkdir(parents=True, exist_ok=True)
apr 27 14:09:53 aipc hermes[95434]:     ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
apr 27 14:09:53 aipc hermes[95434]:   File "/usr/lib/python3.13/pathlib/_local.py", line 728, in mkdir
apr 27 14:09:53 aipc hermes[95434]:     self.parent.mkdir(parents=True, exist_ok=True)
apr 27 14:09:53 aipc hermes[95434]:     ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
apr 27 14:09:53 aipc hermes[95434]:   File "/usr/lib/python3.13/pathlib/_local.py", line 724, in mkdir
apr 27 14:09:53 aipc hermes[95434]:     os.mkdir(self, mode)
apr 27 14:09:53 aipc hermes[95434]:     ~~~~~~~~^^^^^^^^^^^^
apr 27 14:09:53 aipc hermes[95434]: PermissionError: [Errno 13] Permission denied: '/opt/hermes/.local'
apr 27 14:09:53 aipc hermes[95434]: WARNING gateway.run: ✗ discord failed to connect
apr 27 14:10:23 aipc hermes[95434]: ERROR gateway.platforms.discord: [Discord] Failed to connect to Discord: [Errno 13] Permission denied: '/opt/hermes/.local'
apr 27 14:10:23 aipc hermes[95434]: Traceback (most recent call last):
apr 27 14:10:23 aipc hermes[95434]:   File "/usr/lib/python3.13/pathlib/_local.py", line 724, in mkdir
apr 27 14:10:23 aipc hermes[95434]:     os.mkdir(self, mode)

Operating System

Bluefin Linux (Fedora variant)

Python Version

3.13

Hermes Version

latest docker

Additional Logs / Traceback (optional)

Root Cause Analysis (optional)

No response

Proposed Fix (optional)

No response

Are you willing to submit a PR for this?

• I'd like to fix this myself and submit a PR