diff options
| author | Christian Poessinger <christian@poessinger.com> | 2023-03-01 22:22:35 +0100 |
|---|---|---|
| committer | Christian Poessinger <christian@poessinger.com> | 2023-03-01 22:22:35 +0100 |
| commit | 06a908594fdc1e55ddd72b3f2746cb09e2907a3f (patch) | |
| tree | 990d82e1a4d2436a27404fdd7909197d9378d12b | |
| parent | 598e9f5821f5894ed2765eb34a8a12d92d9c0fdc (diff) | |
| download | vyos-build-06a908594fdc1e55ddd72b3f2746cb09e2907a3f.tar.gz vyos-build-06a908594fdc1e55ddd72b3f2746cb09e2907a3f.zip | |
T5003: backport changes from master to support latest Docker version on CI hosts
The newer Docker versions seem to be a bit more picky when using tools
like goso. The container will no longer start if the gosu binary has the setuid
root bit set.
This change adjusts the container to continue working on recent Docker
versions.
| -rw-r--r-- | docker/Dockerfile | 4 | ||||
| -rwxr-xr-x | docker/entrypoint.sh | 7 |
2 files changed, 7 insertions, 4 deletions
diff --git a/docker/Dockerfile b/docker/Dockerfile index 350ba5f5..9e563397 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -609,8 +609,8 @@ RUN gem install public_suffix -v 4.0.7 RUN gem install --no-document fpm # Allow password-less 'sudo' for all users in group 'sudo' -RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \ - chmod a+s /usr/sbin/useradd /usr/sbin/groupadd /usr/sbin/gosu /usr/sbin/usermod +RUN echo -e "vyos_bld\tALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/vyos_bld && \ + chmod a+s /usr/sbin/useradd /usr/sbin/groupadd # Ensure sure all users have access to our OCAM and Go installation RUN echo "$(opam env --root=/opt/opam --set-root)" >> /etc/skel/.bashrc && \ diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 8db41103..19c9423e 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -24,9 +24,12 @@ if ! grep -q $NEW_GID /etc/group; then fi useradd --shell /bin/bash --uid $NEW_UID --gid $NEW_GID --non-unique --create-home $USER_NAME -usermod --append --groups sudo $USER_NAME sudo chown $NEW_UID:$NEW_GID /home/$USER_NAME export HOME=/home/$USER_NAME +if [ "$(id -u)" == "0" ]; then + exec gosu $USER_NAME "$@" +fi + # Execute process -exec /usr/sbin/gosu $USER_NAME "$@" +exec "$@" |