lat5211/rust
Template
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use non-root user by default, bundled lldb adapter

Browse Source
This commit is contained in:
Chuck Lantz
2019-08-05 23:18:44 +00:00
parent 8ea8571c23
commit b69a1a5c44
3 changed files with 26 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
.devcontainer/Dockerfile
View File

@@ -5,12 +5,17 @@
FROM rust:1 FROM rust:1
# Or your actual UID, GID on Linux if not the default 1000
ARG USERNAME=vscode
ARG USER_UID=1000
ARG USER_GID=$USER_UID
# Avoid warnings by switching to noninteractive # Avoid warnings by switching to noninteractive
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
# Configure apt and install packages # Configure apt and install packages
RUN apt-get update \ RUN apt-get update \
&& apt-get -y install --no-install-recommends apt-utils 2>&1 \ && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \
# #
# Verify git, needed tools installed # Verify git, needed tools installed
&& apt-get -y install git procps lsb-release \ && apt-get -y install git procps lsb-release \
@@ -22,10 +27,18 @@ RUN apt-get update \
&& rustup update \ && rustup update \
&& rustup component add rls rust-analysis rust-src \ && rustup component add rls rust-analysis rust-src \
# #
# Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user.
&& groupadd --gid $USER_GID $USERNAME \
&& useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \
# [Optional] Add sudo support for non-root user
&& apt-get install -y sudo \
&& echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \
&& chmod 0440 /etc/sudoers.d/$USERNAME \
#
# Clean up # Clean up
&& apt-get autoremove -y \ && apt-get autoremove -y \
&& apt-get clean -y \ && apt-get clean -y \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Switch back to dialog for any ad-hoc use of apt-get # Switch back to dialog for any ad-hoc use of apt-get
ENV DEBIAN_FRONTEND=dialog ENV DEBIAN_FRONTEND=

10
.devcontainer/devcontainer.json
View File

@@ -7,12 +7,14 @@
"vadimcn.vscode-lldb" "vadimcn.vscode-lldb"
], ],
"runArgs": [ "runArgs": [
"--cap-add=SYS_PTRACE", // Comment out the next line to run as root instead. Linux users,
"--security-opt", // update Dockerfile with your user's UID/GID if not 1000.
"seccomp=unconfined" "-u", "vscode",
"--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined"
], ],
"settings": { "settings": {
"lldb.executable": "/usr/bin/lldb-3.9", "lldb.adapterType": "bundled",
"terminal.integrated.shell.linux": "/bin/bash" "terminal.integrated.shell.linux": "/bin/bash"
} }
} }

6
README.md
View File

@@ -10,7 +10,9 @@ Follow these steps to open this sample in a container:
1. If this is your first time using a development container, please follow the [getting started steps](https://aka.ms/vscode-remote/containers/getting-started). 1. If this is your first time using a development container, please follow the [getting started steps](https://aka.ms/vscode-remote/containers/getting-started).
2. If you're not yet in a development container: 2. **Linux users:** Update `USER_UID` and `USER_GID` in `.devcontainer/Dockerfile` with your user UID/GID if not 1000 to avoid creating files as root.
3. If you're not yet in a development container:
- Clone this repository. - Clone this repository.
- Press <kbd>F1</kbd> and select the **Remote-Containers: Open Folder in Container...** command. - Press <kbd>F1</kbd> and select the **Remote-Containers: Open Folder in Container...** command.
- Select the cloned copy of this folder, wait for the container to start, and try things out! - Select the cloned copy of this folder, wait for the container to start, and try things out!
@@ -19,6 +21,8 @@ Follow these steps to open this sample in a container:
Once you have this sample opened in a container, you'll be able to work with it like you would locally. Once you have this sample opened in a container, you'll be able to work with it like you would locally.
> **Note:** This container runs as a non-root user with sudo access by default. Comment out `"-u", "vscode"` in `.devcontainer/devcontainer.json` if you'd prefer to run as root.
Some things to try: Some things to try:
1. **Edit:** 1. **Edit:**