In my Dockerfile I have this:

```dockerfile
FROM ubuntu
RUN apt update && apt -y upgrade
RUN apt install -y sudo
# Set up the ops user with the default uid 1000 and gid 1000
# (useradd takes -G, not -aG, and needs the login name as its last argument)
RUN useradd -d /home/myuser -G sudo myuser \
 && usermod -aG sudo root \
 && echo "%sudo ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers
```
When I execute

```
docker run -dit -u 1000:1000 myimage "/bin/bash"
docker exec -it 23u898908 "/bin/bash"
```

I get

```
myuser@23u898908$ id
uid=1000(myuser) gid=1000(myuser) groups=1000(myuser)
myuser@23u898908$ id myuser
uid=1000(myuser) gid=1000(myuser) groups=1000(myuser),27(sudo)
myuser@23u898908$ sudo ls
file.txt
```
In other words, the groups are working, but not showing in the `id` command, though they do show in the `id myuser` command. Just curious if there is something I am missing, or is it by design?
If I execute

```
myuser@23u898908$ sudo su -l myuser
$ id
uid=1000(myuser) gid=1000(myuser) groups=1000(myuser),27(sudo)
```

The expected behaviour is to show all groups with just the `id` command. Is this a bug maybe?
CodePudding user response:
You must re-login or restart the container to refresh it. `id` takes it for the current session.
CodePudding user response:
Solved.

Basically there is a need to terminate the bash session and re-establish it again by adjusting the above commands in the Dockerfile, adding `exit` at the end of the last shell command; that will enforce a new bash session to be kicked off.

```dockerfile
# useradd takes -G (not -aG) and needs the login name as its last argument
RUN useradd -d /home/myuser -G sudo myuser \
 && usermod -aG sudo root \
 && echo "%sudo ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers && exit
USER myuser
WORKDIR /home/myuser
```
Now when I do `docker run -dit myimage "/bin/bash"` I get the `$` prompt and `id` produces the expected results. The catch is, there is no need to use `--user 1000:1000` on the `docker run` command.
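
Added example, not part of the thread: `id` with no argument reports the credentials of the calling process, while `id myuser` reads group membership from the user database, which is why the two outputs in the question can differ. The sketch below lists the GIDs that a group file grants a user but that a process does not hold; the function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Compare the supplementary groups a process actually holds with the
# groups the group database assigns to its user name.

# proc_groups STATUS_FILE -> GIDs from the "Groups:" line of a /proc/<pid>/status file
proc_groups() {
    awk '/^Groups:/ { for (i = 2; i <= NF; i++) print $i }' "$1" | sort -n
}

# db_groups USER GROUP_FILE -> GIDs of groups that list USER as a member
db_groups() {
    awk -F: -v u="$1" '{
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] == u) print $3
    }' "$2" | sort -n
}

# missing_groups USER STATUS_FILE GROUP_FILE
# -> GIDs present in the database but absent from the process credentials
missing_groups() {
    db_groups "$1" "$3" | while read -r gid; do
        proc_groups "$2" | grep -qx "$gid" || echo "$gid"
    done
}

# Constructed sample mirroring the question: the process holds only GID 1000,
# while the group file lists myuser as a member of sudo (GID 27).
demo() {
    d=$(mktemp -d)
    printf 'Name:\tbash\nUid:\t1000\t1000\t1000\t1000\nGid:\t1000\t1000\t1000\t1000\nGroups:\t1000 \n' > "$d/status"
    printf 'root:x:0:\nsudo:x:27:root,myuser\nmyuser:x:1000:\n' > "$d/group"
    missing_groups myuser "$d/status" "$d/group"
    rm -rf "$d"
}

demo
```

Inside a running container the same check is `missing_groups "$(id -un)" /proc/self/status /etc/group`; empty output means the process credentials and the group database agree.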