问题描述
在创建Docker容器时,我一直遇到UID/GID没有反映在容器中的问题(我意识到这是设计使然).我正在寻找一种保持主机权限合理和/或从Docker容器中的主机用户/组帐户复制UID/GID的方法.例如:
When creating Docker containers I keep running into the issue of the UID/GID not being reflected in the container (I realize this is by design). What I am looking for is a way to keep host permissions reasonable and / or to replicate the UID/GID from the host user / group accounts in my Docker container. For instance:
主机-
woot4moo:x:504:504:woot4moo:/home/woot4moo:/bin/bash
woot4moo:x:504:504:woot4moo:/home/woot4moo:/bin/bash
我希望在Docker容器中也有同样的行为.话虽这么说,这甚至是做这种事情的正确方法吗?我的信念是我可以简单地跑步:
I would like this same behavior in the Docker container. That being said, is this even the right way to do this type of thing? My belief is I could simply run:
useradd -u 504 -g 504 woot4moo
作为我的Dockerfile的一部分,但是我不确定这是否有效.
as part of my Dockerfile, but I am not sure if that is valid.
推荐答案
您不想在映像构建过程中(在Dockerfile中)运行它,因为通常有人在其上运行容器的主机不是您要在其上构建映像的主机.
You wouldn't want to run that as part of the image build process (in your Dockerfile), because the host on which someone is running a container is often not the host on which you are building the image.
解决此问题的一种方法是通过环境变量传递UID/GID信息:
One way of solving this is passing in UID/GID information via environment variables:
docker run -e APP_UID=100 -e APP_GID=100 ...
然后在运行CMD
之前,先编写一个包含以下内容的ENTRYPOINT
脚本:
And then have an ENTRYPOINT
script that includes something like the following before running the CMD
:
useradd -c 'container user' -u $APP_UID -g $APP_GID appuser
chown -R $APP_UID:$APP_GID /app/data
这篇关于Docker从主机复制容器中的UID/GID的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!