From 4dd3d29dc4d3555e3ad2dab63890f7cd13d26b9d Mon Sep 17 00:00:00 2001
From: Dorian <dorian@Dorians-MacBook-Air.local>
Date: Mon, 30 Mar 2026 22:49:36 +0100
Subject: [PATCH] fix: run rootless podman commands as archipelago user in
 doctor

The doctor runs as root (for tor permissions, process cleanup) but
containers are rootless under the archipelago user. Use sudo -u to
switch user context for podman commands.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 scripts/container-doctor.sh | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/scripts/container-doctor.sh b/scripts/container-doctor.sh
index 1addd109..456cc08d 100755
--- a/scripts/container-doctor.sh
+++ b/scripts/container-doctor.sh
@@ -369,13 +369,15 @@ print(' '.join(['\"' + a + '\"' if ' ' in a else a for a in args[2:]]))
 fix_stopped_core_containers() {
     local core_containers="bitcoin-knots lnd electrumx mempool-api archy-mempool-web archy-mempool-db archy-btcpay-db archy-nbxplorer btcpay-server"
     local restarted=()
+    # Doctor runs as root but containers are rootless under archipelago user
+    local PODMANCMD="sudo -u archipelago XDG_RUNTIME_DIR=/run/user/1000 podman"
 
     for name in $core_containers; do
         local state
-        state=$(podman inspect "$name" --format '{{.State.Status}}' 2>/dev/null || echo "missing")
+        state=$($PODMANCMD inspect "$name" --format '{{.State.Status}}' 2>/dev/null || echo "missing")
         if [ "$state" = "exited" ] || [ "$state" = "stopped" ]; then
             log "Restarting stopped container: $name"
-            podman start "$name" 2>/dev/null && restarted+=("$name") || true
+            $PODMANCMD start "$name" 2>/dev/null && restarted+=("$name") || true
         fi
     done