Create Dockerfile-2019

This example is based on the SQL Server 2019 container image. At the time of this commit, SQL Server 2019 is in preview.
microsoft · Sep 13, 2019 · 9b313de · 9b313de
1 parent 5ac18b3
commit 9b313de
Showing 1 changed file with 30 additions and 0 deletions.
diff --git a/linux/preview/examples/mssql-server-linux-non-root/Dockerfile-2019 b/linux/preview/examples/mssql-server-linux-non-root/Dockerfile-2019
@@ -0,0 +1,30 @@
+# Exmple of creating a SQL Server 2019 container image that will run as a user 'mssql' instead of root
+# This is example is based on the official image from Microsoft and effectively changes the user that SQL Server runs as
+# and allows for dumps to generate as a non-root user
+
+
+FROM mcr.microsoft.com/mssql/server:2019-latest
+
+# Create non-root user and update permissions
+#
+RUN useradd -M -s /bin/bash -u 10001 -g 0 mssql
+RUN mkdir -p -m 770 /var/opt/mssql && chgrp -R 0 /var/opt/mssql
+
+# Grant sql the permissions to connect to ports <1024 as a non-root user
+#
+RUN setcap 'cap_net_bind_service+ep' /opt/mssql/bin/sqlservr
+
+# Allow dumps from the non-root process
+# 
+RUN setcap 'cap_sys_ptrace+ep' /opt/mssql/bin/paldumper
+RUN setcap 'cap_sys_ptrace+ep' /usr/bin/gdb
+
+# Add an ldconfig file because setcap causes the os to remove LD_LIBRARY_PATH
+# and other env variables that control dynamic linking
+#
+RUN mkdir -p /etc/ld.so.conf.d && touch /etc/ld.so.conf.d/mssql.conf
+RUN echo -e "# mssql libs\n/opt/mssql/lib" >> /etc/ld.so.conf.d/mssql.conf
+RUN ldconfig
+
+USER mssql
+CMD ["/opt/mssql/bin/sqlservr"]