templates/node
Template
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Tweak non-root user logic

Browse Source
This commit is contained in:
Chuck Lantz
2019-08-07 21:08:03 +00:00
parent 8e8bdf032a
commit 07cbc3ee99
2 changed files with 10 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
.devcontainer/Dockerfile
View File

@@ -8,11 +8,11 @@ FROM node:10
# Avoid warnings by switching to noninteractive # Avoid warnings by switching to noninteractive
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
# The node image comes with a base non-root 'node' user, so the alternate # The node image comes with a base non-root 'node' user which this Dockerfile
# user here is primarily for Linux scenarios where you need to match your local # gives sudo access. Hoewver, for Linux, this user's GID/UID must match your local
# user UID/GID. See https://aka.ms/vscode-remote/containers/non-root-user. # user UID/GID to avoid permission issues with bind mounts. Update USER_UID / USER_GID
ARG USERNAME=vscode # if yours is not 1000. See https://aka.ms/vscode-remote/containers/non-root-user.
ARG USER_UID=1001 ARG USER_UID=1000
ARG USER_GID=$USER_UID ARG USER_GID=$USER_UID
# Configure apt and install packages # Configure apt and install packages
@@ -37,13 +37,12 @@ RUN apt-get update \
&& npm install -g eslint \ && npm install -g eslint \
# #
# Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user. # Create a non-root user to use if preferred - see https://aka.ms/vscode-remote/containers/non-root-user.
&& if [ "$USER_GID" != "1000" ]; then groupadd --gid $USER_GID $USERNAME; fi \ && if [ "$USER_GID" != "1000" ]; then groupmod node --gid $USER_GID; fi \
&& if [ "$USER_UID" != "1000" ]; then useradd -s /bin/bash --uid $USER_UID --gid $USER_GID -m $USERNAME; fi \ && if [ "$USER_UID" != "1000" ]; then usermod --uid $USER_UID node; fi \
# [Optional] Add sudo support for non-root users # [Optional] Add sudo support for non-root users
&& apt-get install -y sudo \ && apt-get install -y sudo \
&& if [ "$USER_UID" != "1000" ]; then echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME; fi \
&& echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \ && echo node ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/node \
&& chmod 0440 /etc/sudoers.d/$USERNAME \ && chmod 0440 /etc/sudoers.d/node \
# #
# Clean up # Clean up
&& apt-get autoremove -y \ && apt-get autoremove -y \

4
.devcontainer/devcontainer.json
View File

@@ -9,7 +9,7 @@
"terminal.integrated.shell.linux": "/bin/bash" "terminal.integrated.shell.linux": "/bin/bash"
}, },
"postCreateCommand": "yarn install", "postCreateCommand": "yarn install",
// Comment out the next line to run as root instead. Linux users, update the next line and // Comment out the next line to run as root instead. Linux users, update
// Dockerfile with your user's UID/GID if not 1000. // Dockerfile with your user's UID/GID if not 1000.
"runArgs": [ "-u", "1000" ] "runArgs": [ "-u", "node" ]
} }