Home > Blockchain >  Docker image creation failed because of userhandling
Docker image creation failed because of userhandling

Time:08-20

I have the following Docker File from IMX.

FROM ubuntu:20.04

# Update system and add the packages required for Yocto builds.
# Use DEBIAN_FRONTEND=noninteractive, to avoid image build hang waiting
# for a default confirmation [Y/n] at some configurations.

ENV DEBIAN_FRONTEND=noninteractive
RUN apt update
RUN apt install -y gawk wget git-core diffstat unzip texinfo \
    gcc-multilib build-essential chrpath socat cpio python python3 \
    python3-pip python3-pexpect xz-utils debianutils iputils-ping \
    libsdl1.2-dev xterm tar locales net-tools rsync sudo vim curl

# Set up locales
RUN locale-gen en_US.UTF-8 && \
    update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8
ENV LANG en_US.UTF-8
ENV LC_ALL en_US.UTF-8

# Yocto needs 'source' command for setting up the build environment, so replace
# the 'sh' alias to 'bash' instead of 'dash'.
RUN rm /bin/sh && ln -s bash /bin/sh

# Install repo
ADD https://storage.googleapis.com/git-repo-downloads/repo /usr/local/bin/
RUN chmod 755 /usr/local/bin/repo

# Add your user to sudoers to be able to install other packages in the container.
ARG USER
RUN echo "${USER} ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/${USER} && \
    chmod 0440 /etc/sudoers.d/${USER}

# Set the arguments for host_id and user_id to be able to save the build artifacts
# outside the container, on host directories, as docker volumes.
ARG host_uid \
    host_gid
RUN groupadd -g $host_gid nxp && \
    useradd -g $host_gid -m -s /bin/bash -u $host_uid $USER

# Yocto builds should run as a normal user.
USER $USER

# Add user git info
RUN git config --global user.name "ccisn"
RUN git config --global user.email "[email protected]"
RUN git config --list

RUN mkdir /home/ccisn
RUN mkdir /home/ccisn/yocto_imx8

COPY . /imx-docker


# docker run --rm -ti -v  /var/run/docker.sock:/var/run/docker.sock dockers:imx 

ARG DOCKER_WORKDIR
WORKDIR ${DOCKER_WORKDIR}

If I build the image via Docker Desktop it gives me folliwng error messages:

 => ERROR [ 8/16] RUN echo "${USER} ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/${USER} &&     chmod 0440 /etc/sudoers.d/${USER}    

------
 > [ 8/16] RUN echo "${USER} ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/${USER} &&     chmod 0440 /etc/sudoers.d/${USER}:
#12 0.483 /bin/sh: /etc/sudoers.d/: Is a directory
------
executor failed running [/bin/sh -c echo "${USER} ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/${USER} &&     chmod 0440 /etc/sudoers.d/${USER}]: exit code: 1

 *  The terminal process "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -Command docker build --pull --rm -f "imx-docker\Dockerfile" -t dockers:imx "imx-docker"" terminated with exit code: 1. 

I dont know where the problem is. Or how I could fix it. Unfortunately I cannot use the docker image as root (since the application does not let me use it as root). Is there a way to fix it?

Thanks for your help.

CodePudding user response:

The Dockerfile expects a name to be passed as a build argument. When you build it, you need to pass that name

docker build --build-arg USER=somename .

A better approach might be to just delete these two lines. You say you aren't supposed to be root inside the container, but allowing passwordless sudo effectively gives anyone root permissions so long as they ask politely. You rarely install packages inside a running container since they'll be lost as soon as the container exits. And if you do need to be root for some reason, you can launch the container with docker run -u root.

CodePudding user response:

Thanks David, you are partly right. He expects the user passed into

on the line

ARG USER

But he also takes the local defined one in (which in Windows is not defined)

USER $USER

It would be perfect to added all those needed information in hardcoded fashion (since I only need it for a build)

ARG USER=ccisn
ARG UID=1001
ARG GID=1001
ARG PW=ccisn

Then it works. But I could add all those information into ARG Statements and pass them during the build step.

FROM ubuntu:20.04

# Update system and add the packages required for Yocto builds.
# Use DEBIAN_FRONTEND=noninteractive, to avoid image build hang waiting
# for a default confirmation [Y/n] at some configurations.

ENV DEBIAN_FRONTEND=noninteractive
RUN apt update
RUN apt install -y gawk wget git-core diffstat unzip texinfo \
    gcc-multilib build-essential chrpath socat cpio python python3 \
    python3-pip python3-pexpect xz-utils debianutils iputils-ping \
    libsdl1.2-dev xterm tar locales net-tools rsync sudo vim curl

# Set up locales
RUN locale-gen en_US.UTF-8 && \
    update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8
ENV LANG en_US.UTF-8
ENV LC_ALL en_US.UTF-8

# Yocto needs 'source' command for setting up the build environment, so replace
# the 'sh' alias to 'bash' instead of 'dash'.
RUN rm /bin/sh && ln -s bash /bin/sh

# Install repo
ADD https://storage.googleapis.com/git-repo-downloads/repo /usr/local/bin/
RUN chmod 755 /usr/local/bin/repo

# Add your user to sudoers to be able to install other packages in the container.

ARG USER=ccisn
ARG UID=1001
ARG GID=1001
ARG PW=ccisn

RUN echo "${USER} ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/${USER} && \
    chmod 0440 /etc/sudoers.d/${USER}

# Set the arguments for host_id and user_id to be able to save the build artifacts
# outside the container, on host directories, as docker volumes.
RUN groupadd -g $GID nxp && \
    useradd -g $GID -m -s /bin/bash -u $UID $USER

# Yocto builds should run as a normal user.
# USER $USER
USER ${UID}:${GID}
# Add user git info
RUN git config --global user.name "ccisn"
RUN git config --global user.email "[email protected]"
RUN git config --list

RUN mkdir /home/ccisn/yocto_imx8

COPY . /imx-docker
RUN cd imx-docker/ && sudo ln -sf imx-5.10.72-2.2.0/env.sh env.sh

# docker run --rm -ti -v  /var/run/docker.sock:/var/run/docker.sock dockers:imx 

ARG DOCKER_WORKDIR
WORKDIR ${DOCKER_WORKDIR}
  • Related