-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gosu (start.sh) not working in non root container #256
Comments
Good proposal! Can you do a pull request? |
no, I modified my container (not the image). A easy solution should be: exec gosu deconz /usr/bin/deCONZ $DECONZ_OPTS || exec /usr/bin/deCONZ $DECONZ_OPTS The second part is only executed if the first part is not successful. But I have not tested if it makes problem when stopping the container. (If deconz stops wit an error it will be started again.) Probably better is: exec gosu deconz : && exec gosu deconz /usr/bin/deCONZ $DECONZ_OPTS || exec /usr/bin/deCONZ $DECONZ_OPTS
Sorry, the code is untested. I have no experience with gosu and not much with docker. |
I can try to make a test/dev build, most likely during the weekend
Op wo 10 jul 2024 21:43 schreef acht ***@***.***>:
… no, I modified my container (not the image).
A easy solution should be:
exec gosu deconz /usr/bin/deCONZ $DECONZ_OPTS || exec /usr/bin/deCONZ
$DECONZ_OPTS
The second part is only executed if the first part is not successful. But
I have not tested if it makes problem when stopping the container. (If
deconz stops wit an error it will be started again.)
Probably better is:
exec gosu deconz : && exec gosu deconz /usr/bin/deCONZ $DECONZ_OPTS ||
exec /usr/bin/deCONZ $DECONZ_OPTS
- it tests gosu (execute a no-op as deconz user)
- if the test was successful it uses gosu
- else it executes directly.
Sorry, the code is untested. I have no experience with gosu and not much
with docker.
—
Reply to this email directly, view it on GitHub
<#256 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABXMM25ULNGDJ6Z6GACUCADZLWFHZAVCNFSM6AAAAABKVJWUMGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDEMRRGI4TANRRHE>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
@acht can you test with https://github.com/deconz-community/deconz-docker/pkgs/container/deconz-docker/242293811?tag=dev ? |
I added changes in start.sh: Line 183: (otherwise you execute deconz (username) not the command) After the changes it is working! |
Thanks for the feedback, made the needed changes. Could please retest? |
@phdelodder : do you have a new link? Or should I use the image from the link above? |
Thanks! |
I'll merge it |
I run and start the container as non root user. As result the /start.sh (container entry point) fails on the line
exec gosu deconz /usr/bin/deCONZ $DECONZ_OPTS
The container just stops.
It is not possible to change the user. To change the user is not really needed in my opinion. It is a container that has no special privileges.
So my request would be to test if a "gosu" is possible. If not the command should be executed directly.
I changed /start.sh and changed the line to
exec /usr/bin/deCONZ $DECONZ_OPTS
Now my container starts and is working.
In addition the "chown" commands report errors based on the same missing privileges.
To add an command-line switch to the container to avoid gosu and chown operations would be an other solution.
To reproduce the problem just switch to an ordinary user and run the docker commands as ordinary user.
I am running the stable container from yesterday.
The text was updated successfully, but these errors were encountered: