Thanks to visit codestin.com
Credit goes to github.com

Skip to content

bug: Permission denied in /var/task/META-INF/services #12812

New issue
New issue
Open
Open
bug: Permission denied in /var/task/META-INF/services#12812
Labels
aws:lambdaAWS Lambdastatus: backlogTriaged but not yet being worked ontype: bugBug report
@filipemarques87

Description

@filipemarques87
filipemarques87
opened on Jun 27, 2025

Is there an existing issue for this?

  • I have searched the existing issues

Current Behavior

Java lambda fails to load files from /var/task/META-INF/services directory.

Expected Behavior

the files under /var/task/META-INF should have the right permissions

How are you starting LocalStack?

With a docker-compose file

Steps To Reproduce

This is docker compose file:

version: "3.7"

services:
  localstack:
    image: localstack/localstack
    networks:
      - test-network
    ports:
      - "127.0.0.1:4566:4566"
    environment:
      - "SERVICES=lambda"
      - "LAMBDA_DOCKER_NETWORK=test-network" 
      - "DEBUG=1"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "$PWD/infrastructure.sh:/etc/localstack/init/ready.d/infrastructure.sh"
      - "$PWD/target/deploy-package/lambda.jar:/tmp/lambdaa.jar"

networks:
  test-network:

the shell script to create the lambda fucntion (infrastructure.sh)

awslocal lambda create-function \
        --function-name my-function \
        --runtime java17 \
        --zip-file fileb:///tmp/lambda.jar \
        --handler Handler \
        --role arn:aws:iam::000000000000:role/lambda-role \
        --timeout 300 \
        --memory-size 512 

awslocal lambda wait function-active-v2 --function-name my-function

this is the error that i am getting when la,bda function starts:

SEVERE: Failed to read service files via classloader: /var/task/META-INF/services/io.grpc.NameResolverProvider (Permission denied)
java.io.FileNotFoundException: /var/task/META-INF/services/io.grpc.NameResolverProvider (Permission denied)
	at java.base/java.io.FileInputStream.open0(Native Method)
	at java.base/java.io.FileInputStream.open(Unknown Source)
	at java.base/java.io.FileInputStream.<init>(Unknown Source)
	at java.base/java.io.FileInputStream.<init>(Unknown Source)
	at java.base/sun.net.www.protocol.file.FileURLConnection.connect(Unknown Source)
	at java.base/sun.net.www.protocol.file.FileURLConnection.getInputStream(Unknown Source)
	at java.base/java.net.URL.openStream(Unknown Source)
	...

I also check the permissions of that specific file

INFO: Path: /var/task/META-INF/services/io.grpc.NameResolverProvider, Readable: false, Writable: false, Executable: false, IsDirectory: false

if i unzip and check the permissions that that file, i can see that that file has read permissions

Environment

- OS: Ubuntu 22.04.5 LTS
- LocalStack:
  LocalStack version: 4.5.1.dev46
  LocalStack Docker image sha: 2fb6d53c3ad36c91e9ce2fae0cef56cb60a71ff94b71bdae7236b05ad717a673
  LocalStack build date: 2025-06-20
  LocalStack build git hash: 6348947e8

Anything else?

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    aws:lambdaAWS Lambdastatus: backlogTriaged but not yet being worked ontype: bugBug report

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions