Cannot change user group id, restart again and again

[chenzilin]

FROM accetto/xubuntu-vnc-novnc:lab-ubuntu18.04.4

$ cat ubuntu-xfce4-dev-docker_chenzilin.sh
#!/bin/bash
sudo docker run -d
-p 14901:22
-p 15901:5901
-p 16901:6901
--user 1000:1000
--restart=always
--name ubuntu-xfce4-dev-docker_chenzilin
ubuntu-xfce4-dev-docker:v3.0

$ sudo docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
398b336c7714 ubuntu-xfce4-dev-docker:v3.0 "/tini -- /dockersta…" 3 minutes ago Restarting (1) 56 seconds ago ubuntu-xfce4-dev-docker_chenzilin

$ sudo docker logs 398b336c7714
cp: cannot create regular file '/etc/passwd': Permission denied
cp: cannot create regular file '/etc/passwd': Permission denied
cp: cannot create regular file '/etc/passwd': Permission denied
cp: cannot create regular file '/etc/passwd': Permission denied
cp: cannot create regular file '/etc/passwd': Permission denied
cp: cannot create regular file '/etc/passwd': Permission denied
cp: cannot create regular file '/etc/passwd': Permission denied
cp: cannot create regular file '/etc/passwd': Permission denied

when use --user 1000, it's OK
when use --user 1000:1000, restart again and again

[accetto]

Hello,
I want to confirm the question. I'll check it. However, I cannot promise that it'll be this week, because I'm pretty busy elsewhere, but I'll try.
Regards, accetto

[chenzilin]

at your convenience

this project is so great and wonderful.

my sincerely gratitude!

[accetto]

It's corrected in the release 20.06.
Thanks for the question, it has helped to fix an old bug. :)
Regards, accetto

[accetto]

This is how you can test that it's working.

First you can pull the lab variation of the image:

docker pull accetto/xubuntu-vnc-novnc:lab-ubuntu18.04.4

You can rename it, for example, to chenzilin/cubuntu-xfce4-dev-docker:v3.0:

docker tag accetto/xubuntu-vnc-novnc:lab-ubuntu18.04.4 chenzilin/cubuntu-xfce4-dev-docker:v3.0

Then you can run you script, which will start the container ubuntu-xfce4-dev-docker_chenzilin in the background:

$ cat ubuntu-xfce4-dev-docker_chenzilin.sh \
#!/bin/bash
docker run -d \
-p 14901:22 \
-p 15901:5901 \
-p 16901:6901 \
--user 1000:1000 \
--restart=always \
--name ubuntu-xfce4-dev-docker_chenzilin \
chenzilin/cubuntu-xfce4-dev-docker:v3.0

After checking that it's still running by using

docker ps -a

you can connect to it interactively

docker exec -it ubuntu-xfce4-dev-docker_chenzilin bash

and check the user and group IDs (note that the instance ID in the prompt will be different each time)

headless@456ef013eda3:~$ id
uid=1000(headless) gid=1000(headless) groups=1000(headless)
headless@456ef013eda3:~$ exit

There is also a simpler way, if you only want to check the user and group IDs. You can use a temporary container which will be automatically removed:

cat ubuntu-xfce4-dev-docker_chenzilin.sh \
#!/bin/bash
docker run -it \
--user 1000:1000 \
--rm \
--name just_test \
chenzilin/cubuntu-xfce4-dev-docker:v3.0 --skip id

You should get the following output:

Skip VNC startup
Executing command: 'id'
uid=1000(headless) gid=1000(headless) groups=1000(headless)