[BUG] docker compose fails as non-root

[sadorowo]

Description

I tried to host Akkoma, lightweight Mastodon alternative. It requires me to create new, non-root user like this:

sudo useradd -r -s /bin/false -m -d /var/lib/akkoma -U akkoma

Then, I added akkoma to docker group, and logged out.
When I'm on root, everything works perfectly, but when I switch to akkoma user:
sudo -Hu akkoma $SHELL

Docker is working, but Docker Compose not.
Only one subcommand is working: version

I'm getting this panic message:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x18 pc=0x1c53a8d]

goroutine 1 [running]:
github.com/docker/compose/v2/cmd/compose.(*ProjectOptions).toProjectOptions.WithEnvFiles.func2(0xc0005222d0)
        github.com/compose-spec/compose-go/v2@v2.0.0/cli/options.go:283 +0x10d
github.com/compose-spec/compose-go/v2/cli.NewProjectOptions({0x37ce560, 0x0, 0x0}, {0xc000588140, 0x8, 0x1ec5b00?})
        github.com/compose-spec/compose-go/v2@v2.0.0/cli/options.go:97 +0xf3
github.com/docker/compose/v2/cmd/compose.(*ProjectOptions).toProjectOptions(0xc000325f40, {0x0, 0x0, 0x0})
        github.com/docker/compose/v2/cmd/compose/compose.go:308 +0x2dc
github.com/docker/compose/v2/cmd/compose.setEnvWithDotEnv(0xc000325f40?)
        github.com/docker/compose/v2/cmd/compose/compose.go:576 +0xa5
github.com/docker/compose/v2/cmd/compose.RootCommand.func2(0xc000432f00, {0x37ce560, 0x0, 0x0})
        github.com/docker/compose/v2/cmd/compose/compose.go:372 +0xd0
main.pluginMain.func1.1(0xc0000e2a00?, {0x37ce560, 0x0, 0x0})
        github.com/docker/compose/v2/cmd/main.go:55 +0x158
github.com/spf13/cobra.(*Command).execute(0xc000432f00, {0xc00051b890, 0x0, 0x0})
        github.com/spf13/cobra@v1.8.0/command.go:954 +0x94b
github.com/spf13/cobra.(*Command).ExecuteC(0xc000439500)
        github.com/spf13/cobra@v1.8.0/command.go:1115 +0x3ff
github.com/spf13/cobra.(*Command).Execute(...)
        github.com/spf13/cobra@v1.8.0/command.go:1039
github.com/docker/cli/cli-plugins/plugin.RunPlugin(0x1c7f693?, 0xc000540900, {{0x227873b, 0x5}, {0x22823fc, 0xb}, {0x25c5dc0, 0x7}, {0x0, 0x0}, ...})
        github.com/docker/cli@v25.0.4-0.20240305161310-2bf4225ad269+incompatible/cli-plugins/plugin/plugin.go:64 +0x10e
github.com/docker/cli/cli-plugins/plugin.Run(0x23b4fc0, {{0x227873b, 0x5}, {0x22823fc, 0xb}, {0x25c5dc0, 0x7}, {0x0, 0x0}, {0x0, ...}})
        github.com/docker/cli@v25.0.4-0.20240305161310-2bf4225ad269+incompatible/cli-plugins/plugin/plugin.go:77 +0xe5
main.pluginMain()
        github.com/docker/compose/v2/cmd/main.go:38 +0xa5
main.main()
        github.com/docker/compose/v2/cmd/main.go:95 +0x19c

It seems like os.IsNotExist is panicking - according to line number

Steps To Reproduce

1. Clone Akkoma repository
2. Create akkoma user & re-log
3. Switch to akkoma user and update .env:
   echo "DOCKER_USER=$(id -u):$(id -g)" >> .env
4. Try to run the build script ./docker-resources/build.sh
   Build script content:

#!/bin/sh

docker compose build --build-arg UID=$(id -u) --build-arg GID=$(id -g) akkoma
docker compose build --build-arg UID=$(id -u) --build-arg GID=$(id -g) db

5. Encounter an error

Compose Version

docker compose version: v2.25.0
I don't have docker-compose command installed.

Docker Environment

Client: Docker Engine - Community
 Version:    26.0.0
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.13.1
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.25.0
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 31
  Running: 26
  Paused: 0
  Stopped: 5
 Images: 31
 Server Version: 26.0.0
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 1
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc version: v1.1.12-0-g51d5e94
 init version: de40ad0
 Security Options:
  seccomp
   Profile: builtin
 Kernel Version: 4.18.0-513.18.1.el8_9.x86_64
 Operating System: AlmaLinux 8.9 (Midnight Oncilla)
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 1.913GiB
 Name: racknerd-c8a1e8
 ID: 1a24add9-7cc3-441e-83b5-5f4e2b9b2d75
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Anything else?

Akkoma repository: https://akkoma.dev/AkkomaGang/akkoma

[sadorowo]

It was a permission issue. However, I think I should see normal error message not Golang panic.

[ndeloof]

indeed, https://github.com/compose-spec/compose-go/blob/v2.0.0/cli/options.go#L283

must check err != nil before we can access s