-
-
Notifications
You must be signed in to change notification settings - Fork 149
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Be able to set UID and GID in Docker rootless image #607
Comments
Yes, this would be great |
Bumping this to get Feedback if I can go ahead and implement this. |
Sorry for the delay! Yes I'd be happy to accept a PR for this. I think matching the Linux server implementation is a good idea. |
Thanks, will work on it |
@maxwai, I am slightly late to the party, but I discussed in another issue the same topic. I think this might not be necessary, as you can already override the UID/GID for the distroless image using the native directive for users ( |
While it is true that you can set the running user with these options, you do need to install extra packages and kernel options for it to work as described in the doku. While this is not a Problem on most systems, there are systems (especially Server/NAS OS) where this is not possible. |
I don't think so, what you referred to is the use of user namespaces in docker (which are not used by default). That doesn't help in this particular problem because it's just a way to map UIDs inside containers with UIDs in the host, with a static mapping (so you still have a fixed user for all the rootless images using 65532). I am talking about this:
I personally do not run docker rootless in my machine, which is where I made the tests. |
Ok, after testing on different systems it's true that this works and doesn't need any additional setup. As this works I will close the issue. If there is still the need to implement the feature I discussed originally, feel free to reopen the issue. |
What is the problem you are trying to solve with this feature?
Currently the rootless image forces a uid and gid to use.
A better approach is letting the user choose the uid and gid so that the owners of files on the mapped volumes are consistent with the host filesystem.
What is the solution you are proposing?
A good solution that works well is setting environment variables that will then run allow the run script to be run as any user wanted. And if these are not given, default values will be used. This is the way LinuxServer.io does it with their images, as explained here.
This also eliminates the need for separate rootless and root image since the image can run rootless if the environment variables are given and as root if they are not given
What alternatives have you considered?
No response
Additional context
Here is an example how LinuxServer.io does it, of course this would be needed to be changed to work with this application.
Contributions
The text was updated successfully, but these errors were encountered: