“Don't run Bundler as root.” #10
Comments
I have the same problem. Dockerfile
Output
Edit: It failed with exit code 18 because my Gemfile wants ruby 2.1.1 and 2.1.2 is installed in the container. |
@elia, as you point out, we use Aside from possible security issues (if you don't trust the code) when running as root, the only issue is that "installing your bundle as root will break this application for all non-root users on this machine" which has no bearing on the containerized app since there are no other users within the container. |
Sorry for suggesting I don't think the security thing is necessarily related to trusting the code, any bug that can lead to code execution in the container is worse if the containerized user is root vs normal user. That said, it's about cosmetics. Anyways looking at bundler's source there's not much that can be done, the warning messages is always shown if the user's root. |
We could use non-root and just allow passwordless |
This is just a warning. Closing for now. Feel free to post new information if I am wrong. |
So how do we get past the message, then? |
+1 |
@kilianc I've figured out how to install Rails in Docker, although I don't completely understand which part of my Dockerfile is leveraging this problem. Anyway! Here's my Dockerfile. If you can get this to work let me know and if you can figure out how it helps me bypass this problem I'd appreciate it. Personally I think it's all because I extend |
@Arcrammer probably changing your $HOME does the trick |
From bundler 1.11.0.pre.1 (2015-11-29), there is a So to remove the warning, add this to your Dockerfile:
|
This is a well-known problem with bundler: docker-library/rails#10
Maybe it can be solved by using
--system
Also IIRC avoiding to run as root inside the container's a good practice security-wise (I may be wrong or out of date tho)
The text was updated successfully, but these errors were encountered: