Default to a non-root user

2019-08-05 23:30:46 +00:00
parent 61d09d1203
commit 0ba75c2592
3 changed files with 24 additions and 5 deletions
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -8,9 +8,14 @@ FROM golang:1
 # Avoid warnings by switching to noninteractive
 ENV DEBIAN_FRONTEND=noninteractive

+# Or your actual UID, GID on Linux if not the default 1000
+ARG USERNAME=vscode
+ARG USER_UID=1000
+ARG USER_GID=$USER_UID
+
 # Configure apt, install packages and tools
 RUN apt-get update \
-    && apt-get -y install --no-install-recommends apt-utils 2>&1 \
+    && apt-get -y install --no-install-recommends apt-utils dialog 2>&1 \
    #
    # Verify git, process tools, lsb-release (common in install instructions for CLIs) installed
    && apt-get -y install git procps lsb-release \
@@ -46,6 +51,14 @@ RUN apt-get update \
        github.com/mgechev/revive \
        github.com/derekparker/delve/cmd/dlv 2>&1 \
    #
+    # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user.
+    && groupadd --gid $USER_GID $USERNAME \
+    && useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME \
+    # [Optional] Add sudo support
+    && apt-get install -y sudo \
+    && echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \
+    && chmod 0440 /etc/sudoers.d/$USERNAME \
+    #
    # Clean up
    && apt-get autoremove -y \
    && apt-get clean -y \
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -6,9 +6,11 @@
 		"ms-vscode.go"
 	],
 	"runArgs": [
-		"--cap-add=SYS_PTRACE",
-		"--security-opt",
-		"seccomp=unconfined"
+		// Comment out the next line to run as root instead. Linux users, 
+		// update Dockerfile with your user's UID/GID if not 1000.
+		"-u", "vscode",
+
+		"--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined"
 	],
 	"settings": {
 		"go.gopath": "/go",