You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Though in many scenarios, running the container as an arbitrary user may be perfectly acceptable, there are some use cases in which the user must be known to the system.
To list a few of them:
Composer
When composer is run as an arbitrary user, it will use /.composer for COMPOSER_HOME instead of ~/.composer, which may result in permission issues.
Moreover, it's impossible to chown that particular directory in the build, since the UID/GID of the user is unknown at this time.
The only remaining choice would be then to chmod the /.composer dir to 777 mode, which is, needless to say, the worth practice ever.
SSH
Every command or process using the SSH protocol will search the default ~/.ssh folder for private/public keys, known hosts, etc... which does not exist for an arbitrary user.
This is the case when the composer.json refers to private repositories with ssh-fashion urls, like [email protected].
Solution
Implement a USER build arg (plus an optional GROUP one) which will trigger - if not empty - the standard user / group creation during build with the given USER as user id / GROUP as group id.
If USER is set but GROUP has been left empty, the USER value will be used for the group id.
The text was updated successfully, but these errors were encountered:
Problem
Though in many scenarios, running the container as an arbitrary user may be perfectly acceptable, there are some use cases in which the user must be known to the system.
To list a few of them:
Composer
When
composer
is run as an arbitrary user, it will use/.composer
forCOMPOSER_HOME
instead of~/.composer
, which may result in permission issues.Moreover, it's impossible to
chown
that particular directory in the build, since theUID/GID
of the user is unknown at this time.The only remaining choice would be then to
chmod
the/.composer
dir to777
mode, which is, needless to say, the worth practice ever.SSH
Every command or process using the SSH protocol will search the default
~/.ssh
folder for private/public keys, known hosts, etc... which does not exist for an arbitrary user.This is the case when the
composer.json
refers to private repositories with ssh-fashion urls, like[email protected]
.Solution
Implement a
USER
build arg (plus an optionalGROUP
one) which will trigger - if not empty - the standard user / group creation during build with the givenUSER
as user id /GROUP
as group id.If
USER
is set butGROUP
has been left empty, theUSER
value will be used for the group id.The text was updated successfully, but these errors were encountered: