Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dropping privileges for $USER #604

Open
DarkGhostHunter opened this issue Dec 27, 2024 · 1 comment
Open

Dropping privileges for $USER #604

DarkGhostHunter opened this issue Dec 27, 2024 · 1 comment

Comments

@DarkGhostHunter
Copy link

DarkGhostHunter commented Dec 27, 2024
edited
Loading

Basically, I'm trying to make a development container that runs both PHP Built-In Server and an SSH Server.

The problem is that v3 doesn't like the USER directive in the Dockerfile. While services can run as $USER, I'm trying to make all commands sent as docker run are run as $USER.

I don't know if when calling commands the services set in s6-overlay/s6-rc.d run or not. Also, I don't know if there is a way to proxy a command as non-root while running some required scripts before running the command, like creating the $USER in the system and fixing permissions if the developer has set $UID and $GID inside the container.

Is this supported at all, or the only way is to not use S6 at all?

Related to #286
@skarnet
Copy link
Contributor

skarnet commented Dec 27, 2024

s6-overlay is definitely supposed to support USER directives in the Dockerfile. Can you post a transcript of the messages you get when you try running a container with USER, preferably with S6_VERBOSITY set to 2 or more?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@DarkGhostHunter @skarnet