Issues with sudo and privileges in workflow containers run on reana

Trying to run the monojet workflow on reana, some of the issues I’ve run into is to do with sudo privileges and permissions.

Sudo privileges

When any command in the steps.yaml file tries to use sudo privileges, which works fine when running directly with yadage locally, it results in the following error message, as shown in the reana logs on https://reana-qa.cern.ch:

sudo: unknown uid 1000: who are you?

Example: uncertainty_tool_stage

reana output for this step:

job: 
 sudo: unknown uid 1000: who are you?
sudo: unknown uid 1000: who are you?

Permissions

When I go through and remove the use of sudo from the steps.yml file, the above step mentioned under ‘Sudo privileges’ succeeds, but others fail with error messages indicating insufficient permissions to create files/directories.

Example 1

Bash command in steps.yml: https://gitlab.cern.ch/atlas-phys/exot/jdm/ANA-EXOT-2018-06/workflow/blob/without_kerberos/steps.yml#L36

reana log output: mkdir: cannot create directory mc_dir’: Permission denied`

Example 2

Bash command in steps.yml: https://gitlab.cern.ch/atlas-phys/exot/jdm/ANA-EXOT-2018-06/workflow/blob/without_kerberos/steps.yml#L41

reana log output: mkdir: cannot create directory SignalMC’: Permission denied`

Is there a way around these permissions issues without the need for sudo privileges?