init-perms chowns to hardcoded 2003:2003, breaks zaino 0.4.0 (runs as 1000:1000) #2

@nachog00

Describe the bug
The zcash-stack Helm chart's zaino StatefulSet init-perms init container hardcodes chown -R 2003:2003 /home/zaino, but zaino 0.4.0's Dockerfile switched from root to a non-root user at UID 1000. This causes an LMDB permission error (errno 13) when zaino tries to open its database on snapshot-restored volumes.

To Reproduce
Deploy zaino 0.4.0-rc.2 with use-cache=true (snapshot from a golden deployment running 0.2.x). The init-perms container chowns the data to 2003:2003, but the zaino container runs as 1000:1000 and can't open the LMDB files.

Error

thread 'main' panicked at packages/zaino-state/src/backends/fetch.rs:151:14:
called `Result::unwrap()` on an `Err` value: FinalisedStateInitialzationError(LmdbError(Other(13)))

Root cause

  • Golden zaino 0.2.x ran as root (UID 0) — ownership didn't matter
  • Zaino 0.4.0 runs as UID 1000 (non-root) — correct security practice
  • The Helm chart's init-perms hardcodes 2003:2003 which matches neither

Suggested fix
Make the init-perms UID/GID configurable in the zcash-stack chart via values (e.g. zaino.securityContext.runAsUser), and/or set fsGroup on the pod security context so Kubernetes handles volume ownership automatically.

Affected chart: zingolabs/zcash-stack (issues disabled on that repo)
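
The suggested fix, illustrated as a rendered StatefulSet fragment (an added example, not part of the original issue and not the zcash-stack chart's own template). The resource names, images, volume name, storage size and the RUN_UID/RUN_GID variables are assumptions; 1000 and 2003 are the IDs named in the issue.

```yaml
# Hypothetical rendered manifest; only the UID/GID values come from the issue.
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: zaino                          # assumed name
spec:
  serviceName: zaino                   # assumed
  replicas: 1
  selector:
    matchLabels: {app: zaino}
  template:
    metadata:
      labels: {app: zaino}
    spec:
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000                # UID zaino 0.4.0 runs as
        runAsGroup: 1000
        fsGroup: 1000                  # kubelet sets group ownership on the volume
        fsGroupChangePolicy: OnRootMismatch   # skip the recursive walk when already correct
      initContainers:
        # Before (behaviour reported in the issue): chown -R 2003:2003 /home/zaino
        - name: init-perms
          image: busybox:1.36          # assumed image
          securityContext:
            runAsUser: 0               # chown needs root; overrides the pod-level user
            runAsNonRoot: false
          env:                         # would be fed from chart values instead of hardcoded
            - {name: RUN_UID, value: "1000"}
            - {name: RUN_GID, value: "1000"}
          command: ["sh", "-c", "chown -R \"$RUN_UID:$RUN_GID\" /home/zaino"]
          volumeMounts:
            - {name: data, mountPath: /home/zaino}
      containers:
        - name: zaino
          image: example.invalid/zaino:0.4.0   # placeholder image reference
          volumeMounts:
            - {name: data, mountPath: /home/zaino}
  volumeClaimTemplates:
    - metadata: {name: data}
      spec:
        accessModes: [ReadWriteOnce]
        resources:
          requests: {storage: 10Gi}    # assumed size
```

fsGroup only takes effect on volume types and CSI drivers that support ownership management, so the init container remains the fallback where it does not.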
