Help Center/ ModelArts/ Model Development/ Using Notebook for AI Development and Debugging/ Managing Notebook Instances/ Starting a Notebook Instance as User root
Updated on 2026-05-29 GMT+08:00
View PDF
Share

Starting a Notebook Instance as User root

On the ModelArts platform, the default username is ma-user and the default user group is ma-group. If you mount an SFS Turbo file system, use a custom image, or directly upload a file, you need to modify the file permissions in advance to ensure that user ma-user has the read permission. Otherwise, the Permission denied error may occur. The following describes the scenarios and operations for starting a notebook instance as user root.

Scenarios

Only dedicated resource pools in the new network mode support starting notebook instances as the root user. For details about how to create a dedicated resource pool in the new network mode, see Creating a Dedicated Resource Pool.

  • Huawei Cloud ModelArts has hardened and optimized the dedicated resource pool network. Only dedicated resource pools in the new network mode support starting notebook instances as the root user. Dedicated resource pools in the old network mode do not support this function and will be gradually restricted from October 15, 2025. For details about how to check whether the old network mode is used and the announcement details, see ModelArts Standard Dedicated Resource Pool Network Adjustment.
  • Public resource pools do not support starting notebook instances as user root.

Specifying a User

When creating a notebook instance, you can specify a user in More Settings. When starting a notebook instance, ModelArts supports the following two running user configurations. Supported configurations may vary depending on the resource settings. For details about how to create a notebook instance, see Creating a Notebook Instance.

  • ma-user/ma-group: The default non-privileged user configuration for ModelArts public images (security mode). To use this mode, the following conditions must be met:
    • User: ma-user (UID: 1000)
    • User group: ma-group (GID: 100)

    Note: If you are using a custom image, you must pre-configure the above user and group in your image; otherwise, the container may fail to start or experience service exceptions due to insufficient permissions. For details about how to add a specific user and user group, see Dockerfile on a Non-ModelArts Base Image.

  • root/root: Runs the notebook instance with the highest privileges. This is suitable for scenarios requiring access to system-level resources but involves potential security risks. When root/root is selected, the system forcibly binds the following user and group:
    • User: root (UID: 0)
    • User group: root (GID: 0)

    Note: Modifying the UID/GID or the associated group for root is strictly prohibited, as doing so may cause container permission conflicts or security vulnerabilities.

FAQs

What should I do if the Specify User option under More Settings cannot be enabled and the message The selected resource pool does not support specified users is displayed when I create a notebook instance?

You can resolve this issue by creating a dedicated resource pool based on a new network.

  1. Create a network and use it to create a dedicated resource pool. For details, see Creating a Dedicated Resource Pool.
  2. Use the new dedicated resource pool to create a notebook instance. For details, see Creating a Notebook Instance.