Skip to content

Fix/non root support#41

Merged
ductiletoaster merged 1 commit intomainfrom
fix/non-root-support
Mar 12, 2026
Merged

Fix/non root support#41
ductiletoaster merged 1 commit intomainfrom
fix/non-root-support

Conversation

@ductiletoaster
Copy link
Copy Markdown
Member

@ductiletoaster ductiletoaster commented Mar 12, 2026

Code Review

Description

Please include a summary of the changes including relevant motivation and context. List any dependencies that are required for this change.

Please check the option(s) that are most relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Refactor (non-breaking modification to existing code path)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Testing & Verification

Please describe the tests that you ran to verify your changes.

  • Provide instructions to reproduce with relevant details for your test configuration.
  • Include screenshots and/or videos showing the results of your changes.

@ductiletoaster @claude
feat: harden image for arbitrary UID support across all environments
a4ee3b3 
Comprehensive fixes for running as any non-root UID (Kubernetes,
OpenShift, Docker Compose PUID/PGID):

Dockerfile (core):
- /etc/passwd and /etc/group world-writable for runtime injection
- /app/.venv/bin writable for pip entry point scripts
- /app and /app/ComfyUI writable for startup dir creation
- Dynamic Python version detection (no hardcoded python3.12)
- PYTHONDONTWRITEBYTECODE=1 to suppress .pyc permission failures
- SHELL pipefail in final stage (not inherited across FROM)

Dockerfile (complete):
- Re-apply world-writable permissions after pip install layer
- SHELL pipefail for safety
- Dynamic Python version detection

Entrypoint:
- Inject both /etc/passwd and /etc/group for arbitrary UIDs
- Use getent passwd instead of whoami for reliable UID detection
- Use unique username (comfyuser) to avoid collision with build-time
  comfy user at UID 1000

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@ductiletoaster ductiletoaster merged commit 8325745 into main Mar 12, 2026
4 checks passed
@ductiletoaster ductiletoaster deleted the fix/non-root-support branch March 12, 2026 11:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ductiletoaster