Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for group_add in docker-compose #1318

Closed
moble opened this issue Aug 28, 2018 · 14 comments
Closed

Add support for group_add in docker-compose #1318

moble opened this issue Aug 28, 2018 · 14 comments
Labels
area/stack area/swarm kind/enhancement

Comments

@moble
Copy link

moble commented Aug 28, 2018
edited by thaJeztah
Loading

As described here, support for the group_add option was removed for version 3.x files of docker-compose based on the fact that Swarm services did not support that option at the time. But that's no longer the case, so it would be very helpful if it could be added back in now. As seen here there is evidently some desire for this feature.

related:
@moble moble mentioned this issue Aug 28, 2018
Closed
@bartvanhoutte
Copy link

Any workarounds available?

@moble
Copy link
Author

moble commented Nov 2, 2018

As mentioned here, one thing you can do is just to build the container, and add a RUN block to the Dockerfile with the relevant groupadd, useradd, and usermod commands — being sure to switch to USER root before that block, and back to whatever user it had been after that block.

@nvllsvm nvllsvm mentioned this issue Jan 13, 2019
Closed
@rulatir
Copy link

rulatir commented May 28, 2019
edited
Loading

This is just absolutely awful. Docker and docker-compose developers randomly remove features without a word of explanation.

WHY did you remove this feature?

Oh, OF COURSE you will evade this by saying that the feature isn't technically removed, and you will be technically right. It is not removed, it is just limited to being used as part of a narrow and ancient feature set that is mutually exclusive with all the new features.

@dpkirchner
Copy link

The documentation says:

Removed: volume_driver, volumes_from, cpu_shares, cpu_quota, cpuset, mem_limit, memswap_limit, extends, group_add. See the upgrading guide for how to migrate away from these. (For more information on extends, see Extending services.)

However, the linked upgrading guide simply says that the group_add feature has been removed (at least in so far as it being unavailable as a stack), without providing an alternative. Is there an alternative that doesn't require modifying the image's Dockerfile?

@MrAlfabet
Copy link

This would be incredibly useful for media server containers.

@thatnerdjosh
Copy link

Is this currently being worked on?

@nvllsvm nvllsvm mentioned this issue Nov 30, 2019
Merged
@myaser
Copy link

myaser commented Dec 12, 2019

what is the status now?

@dubo-dubon-duponey dubo-dubon-duponey mentioned this issue Mar 25, 2020
Closed
@Toilal
Copy link

Toilal commented May 18, 2020
edited
Loading

The workaround provided by @moble doesn't seems to work, at least for the current version. After adding those commands inside Dockerfile, groups comand still displays the user primary group only, without docker group, and Permission denied occurs when trying to use the socket.

@abdennour
Copy link

@Toilal Same issue. Namely with MacOS.
Indeed, for linux is easier :

# Group ID of Docker Group on the Host
$(cat /etc/group | grep docker: | cut -d: -f3)

The result is the GID of docker group on the host which can be forwarded by env vars, which should be handled by the entrypoint.
But now, as we have Docker For Mac, we need --group-add staff to avoid the "Permission denied" when using docker-besides-docker

@AtanisZirkel
Copy link

Alternatives using modification of the docker file or the entrypoint are not appropriate when using a pre-build image (nextcloud in my case) as it might break some functionality in an uncontrolled way.

@avidspartan1
Copy link

Adding group_add back would be very useful for us.

@al-dpopowich
Copy link

al-dpopowich commented Dec 15, 2020
edited
Loading

Is this still an issue? group_add works for me:

$ docker-compose version
docker-compose version 1.27.4, build 40524192
docker-py version: 4.3.1
CPython version: 3.7.7
OpenSSL version: OpenSSL 1.1.0l  10 Sep 2019

$ echo "$CONFIG" | docker-compose -f - config
services:
  foo:
    group_add:
    - 1000
    - 1001
    - 1002
    image: ubuntu
version: '3.8'

$ echo "$CONFIG" | docker-compose -p group_add -f - run  --rm foo /bin/bash -c id
Creating group_add_foo_run ... done
uid=0(root) gid=0(root) groups=0(root),1000,1001,1002

Is this another documentation error, but in reverse?

@darkdragon-001 darkdragon-001 mentioned this issue Jan 3, 2021
Closed
@brucedlg
Copy link

brucedlg commented Apr 6, 2021

Since 1.27.0, version 2.x and version 3.x schema are merged.
The commit for the change is: docker/compose@b78c1ec#diff-804d766a83fc4fe189895e25fd0ecfcd64d47f06a28927297ab094ce71b42a06

So group_add is supported with 1.27.0+ docker-compose for all v2, v3 versions.
The parameter is documented in: https://github.com/compose-spec/compose-spec/blob/master/spec.md#group_add

@ndeloof
Copy link
Contributor

ndeloof commented Jun 14, 2021

Closing as implemented by compose-go

@ndeloof ndeloof closed this as completed Jun 14, 2021
@phantomski77 phantomski77 mentioned this issue Oct 30, 2021
Closed
@frobnicaty frobnicaty mentioned this issue Nov 2, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/stack area/swarm kind/enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests