Dockerfile replicate the host user UID and GID to the image
You can pass it as a build arg. Your Dockerfile can be static:
FROM ubuntu:xenial-20170214
ARG UNAME=testuser
ARG UID=1000
ARG GID=1000
RUN groupadd -g $GID -o $UNAME
RUN useradd -m -u $UID -g $GID -o -s /bin/bash $UNAME
USER $UNAME
CMD /bin/bash
Then you'd pass the options on your build command:
docker build --build-arg UID=$(id -u) --build-arg GID=$(id -g) \
-f bb.dockerfile -t testimg .
Note that I've solved similar problems to this a different way, by running an entrypoint as root that looks a file/directory permissions of the host volume mount, and adjust the uid/gid of the users inside the container to match the volume uid/gid. After making that change, it drops access from the root user to the modified uid/gid user and runs the original command/entrypoint. The result is the image can be run unchanged on any developer machine. An example of this can be found in my jenkins-docker repo:
https://github.com/sudo-bmitch/jenkins-docker
Comments
-
minghua almost 2 years
Similar to the SO post about replicating UID/GID in container from host but how do you build the image with a user with replicate UID and GID? Preferably, how do you do it with a dockerfile?
I can do it with a bash script:
#!/bin/bash # current uid and gid curr_uid=`id -u` curr_gid=`id -g` # create bb.dockerfile: cat << EOF1 > bb.dockerfile FROM ubuntu:xenial-20170214 ARG UNAME=testuser EOF1 echo ARG UID=${curr_uid} >> bb.dockerfile echo ARG GID=${curr_gid} >> bb.dockerfile cat << EOF2 >> bb.dockerfile RUN groupadd -g \$GID \$UNAME RUN useradd -m -u \$UID -g \$GID -s /bin/bash \$UNAME USER \$UNAME CMD /bin/bash EOF2 docker build -f bb.dockerfile -t testimg .
This bash will generate a docker file as the following and build on it.
FROM ubuntu:xenial-20170214 ARG UNAME=testuser ARG UID=1982 ARG GID=1982 RUN groupadd -g $GID $UNAME RUN useradd -m -u $UID -g $GID -s /bin/bash $UNAME USER $UNAME CMD /bin/bash
What I'm asking for, is to remove the hardcoded host UID 1982 and GID 1982 from the dockerfile.
-
Alexander Mills about 6 yearsI don't understand, do the UID and GID args at the command line shadow/override the "static" Dockerfile entries?
-
minghua about 6 yearsInside my docker container ubuntu guest, gid 20 belongs to dialout. Usually your user account on the host should be assigned its own group id, not to reuse the 20. Do you get 20 if you run
id -g
? What do you get byid -u
? -
minghua about 6 yearsAlso created a docker file and script to run X over ssh: see superuser SO "Run JetPack TX2 Installer in a Docker Container".
-
Hakanai over 5 years@AlexanderMills I'm guessing you're maybe running on macos where guid 20 = staff, but the guest is some linux where 20 = something else. This idea of passing the group ID and creating the group only seems to make sense if the group doesn't already exist, which would be the case on linux hosts, where conventionally your GID would be a group containing only yourself.
-
BMitch over 5 years@AlexanderMills yes, default values for docker args in the dockerfile get overridden by the build command. If the uid/gid already exist inside the container, you can add a
-o
option to allow non-unique id's. -
harshavmb almost 4 yearsclean answer & it solves lot of problems with docker. Especially while using jenkins to spin up docker..
-
Raketenolli over 3 yearsWhat if the gid changes from the system where the container is built to the one it is run on?
-
BMitch over 3 years@Raketenolli that's where the second option is more appropriate and the reason I created it.