From f1ef143ea4bbf118dc496eeb71abb5db1cf94c6b Mon Sep 17 00:00:00 2001 From: Matthew Kobayashi <1856537+MattKobayashi@users.noreply.github.com> Date: Sat, 11 May 2024 04:15:36 +1000 Subject: docker: multiple updates * Update Debian base image to 12 * Add --break-system-packages option to pip3 install command * Remove chmod a+s from Dockerfile (newer versions of gosu in particular don't support this) * Add sudo to relevant commands in entrypoint.sh * Add UID_MIN key to adduser command (allows the container to run on MacOS) * Formatting and spelling fixes (cherry picked from commit 48fc4291536607036f3191cad21ff0065d1eeaaf) --- docker/Dockerfile | 26 +++++++++++--------------- docker/entrypoint.sh | 6 +++--- 2 files changed, 14 insertions(+), 18 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index fc457582..d8a71872 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,7 +1,7 @@ # Must be run with --privileged flag # Recommended to run the container with a volume mapped # in order to easy exprort images built to "external" world -FROM debian:11 +FROM debian:12 LABEL authors="VyOS Maintainers " ENV DEBIAN_FRONTEND noninteractive @@ -27,16 +27,14 @@ RUN apt-get update && apt-get install -y \ curl \ dos2unix - - -RUN pip3 install Sphinx -RUN pip3 install sphinx-rtd-theme -RUN pip3 install sphinx-autobuild -RUN pip3 install sphinx-notfound-page -RUN pip3 install lxml -RUN pip3 install myst-parser -RUN pip3 install sphinx_design - +RUN pip3 install --break-system-packages \ + Sphinx \ + sphinx-rtd-theme \ + sphinx-autobuild \ + sphinx-notfound-page \ + lxml \ + myst-parser \ + sphinx_design # Cleanup RUN rm -rf /var/lib/apt/lists/* @@ -44,13 +42,11 @@ RUN rm -rf /var/lib/apt/lists/* EXPOSE 8000 # Allow password-less 'sudo' for all users in group 'sudo' -RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \ - chmod a+s /usr/sbin/useradd /usr/sbin/groupadd /usr/sbin/gosu /usr/sbin/usermod - +RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers COPY entrypoint.sh /usr/local/bin/entrypoint.sh -# we need to convert the entrypoint with appropriate line endings, else +# We need to convert the entrypoint with appropriate line endings, else # there will be an error: # standard_init_linux.go:175: exec user process caused # "no such file or directory" diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 8db41103..c44f5047 100755 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -23,10 +23,10 @@ if ! grep -q $NEW_GID /etc/group; then groupadd --gid $NEW_GID $USER_NAME fi -useradd --shell /bin/bash --uid $NEW_UID --gid $NEW_GID --non-unique --create-home $USER_NAME +useradd --shell /bin/bash --uid $NEW_UID --gid $NEW_GID --non-unique --create-home $USER_NAME --key UID_MIN=500 usermod --append --groups sudo $USER_NAME -sudo chown $NEW_UID:$NEW_GID /home/$USER_NAME +chown $NEW_UID:$NEW_GID /home/$USER_NAME export HOME=/home/$USER_NAME # Execute process -exec /usr/sbin/gosu $USER_NAME "$@" +/usr/sbin/gosu $USER_NAME "$@" -- cgit v1.2.3