docker-jitsi-meet

Unable to switch user from root to non-root user, getting "s6-mkdir: warning: unable to mkdir /var/run/s6: Permission denied"

Open sunkmou opened this issue 3 years ago • 7 comments

We have created a customized Dockerfile with base images jitsi/jvb, jitsi/web, jitsi/prosody, jitsi/jicofo (stable-6865 tag). Dockerfile:

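FROM jitsi:jvb-6865
# Confirm which user the base image builds as
RUN whoami
# Create a dedicated group and system user (UID/GID 990)
RUN groupadd -g 990 fcjitsi && \
    useradd -r -u 990 -g fcjitsi fcjvb
# Everything after this, including /init at container start, runs as fcjvb
USER fcjvb
RUN whoami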

====Log===
root@gdnlptest02-vm1 jitsicustomimages]# docker build -t jitsi:jvb-custom-6866 -f Dockerfile .
Sending build context to Docker daemon 2.048kB
Step 1/5 : FROM jitsi:jvb-6865
 ---> 137498120a93
Step 2/5 : RUN whoami
 ---> Running in f2a32ae571e3
root
Removing intermediate container f2a32ae571e3
 ---> 545ac78cfc14
Step 3/5 : RUN groupadd -g 990 fcjitsi && useradd -r -u 990 -g fcjitsi fcjvb
 ---> Running in 46c076ba9bc9
Removing intermediate container 46c076ba9bc9
 ---> 9ddc8268b6b9
Step 4/5 : USER fcjvb
 ---> Running in da7eb650aa18
Removing intermediate container da7eb650aa18
 ---> 2601baae0576
Step 5/5 : RUN whoami
 ---> Running in 5031a6cff980
fcjvb
Removing intermediate container 5031a6cff980
 ---> 4a472a688ad4
Successfully built 4a472a688ad4
Successfully tagged jitsi:jvb-custom-6866
[root@gdnlptest02-vm1 jitsicustomimages]# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
jitsi jvb-custom-6866 4a472a688ad4 35 seconds ago 417MB
jitsi jvb-6865 137498120a93 9 months ago 417MB
[root@gdnlptest02-vm1 jitsicustomimages]# docker run -it 4a472a688ad4
s6-mkdir: warning: unable to mkdir /var/run/s6: Permission denied
[root@gdnlptest02-vm1 jitsicustomimages]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ca10ceb87df7 4a472a688ad4 "/init" 19 seconds ago Exited (1) 18 seconds ago unruffled_gates

sunkmou Nov 02 '22 07:11

That is currently not supported.

S6 needs to be updated to at least version 2 (but we should really jump to 3) for proper non-root user support.

saghul Nov 02 '22 11:11

At any rate, running Docker as root is a Bad Idea, you shouldn't be doing that.

saghul Nov 02 '22 11:11

Yeah. I started running Docker with a non-root user:

[smounika@gdnlptest02-vm1 jitsicustomimages]$ docker build -t jitsi:jvb-custom-6866 -f Dockerfile .
Sending build context to Docker daemon 2.048kB
Step 1/6 : jitsi:jvb-6865
 ---> 137498120a93
Step 2/6 : RUN whoami
 ---> Running in 5109c036c4a1
root
Removing intermediate container 5109c036c4a1
 ---> f8435bfb7a69
Step 3/6 : RUN useradd -g root fcjvb
 ---> Running in 3eb7c7471869
Removing intermediate container 3eb7c7471869
 ---> 01bc157012ac
Step 4/6 : USER fcjvb
 ---> Running in 5ae232cbc256
Removing intermediate container 5ae232cbc256
 ---> 5be1191d3295
Step 5/6 : RUN whoami
 ---> Running in b994a9015a35
fcjvb
Removing intermediate container b994a9015a35
 ---> b0bac9a757c5
Successfully built 529a3f90401b
Successfully tagged jitsi:jvb-custom-6866
[smounika@gdnlptest02-vm1 jitsicustomimages]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
jitsi jvb-custom-6866 529a3f90401b 9 seconds ago 417MB
[smounika@gdnlptest02-vm1 jitsicustomimages]$ docker run -it 529a3f90401b
s6-mkdir: warning: unable to mkdir /var/run/s6: Permission denied
[smounika@gdnlptest02-vm1 jitsicustomimages]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e12b1a71821b 529a3f90401b "/init" 6 minutes ago Exited (1) 6 minutes ago clever_pare

sunkmou Nov 02 '22 12:11

S6 needs to be updated to at least version 2 (but we should really jump to 3) for proper non-root user support. --> Do we know by when this is going to be introduced?

sunkmou Nov 02 '22 12:11

No ETA for that, sorry.

saghul Nov 02 '22 13:11

Can we get resources like the Dockerfile and dependencies to upgrade? If possible, we can take it up and push the image if you guide us.

sunkmou Nov 03 '22 06:11

All the resources are in this repo.

I don't have the guide to guide anyone at the moment, it would take me the same amount of time as doing it myself, and alas I'm a bit busy.

If you figure it out, I'd be happy to review a pull request though.

saghul Nov 03 '22 06:11
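Added example, not part of the thread or of the docker-jitsi-meet repository: a shell lint for derived Dockerfiles that flags a non-root final `USER`, the setup that fails in the logs above with `s6-mkdir: warning: unable to mkdir /var/run/s6: Permission denied`. It assumes the base image itself runs as root (as `whoami` shows in the build logs); the function names are made up for this example.

```shell
#!/bin/sh
# Print the user the last build stage ends with ("root" if USER is never set).
# Assumption: every FROM starts a stage as root, which holds for the images in
# this thread. Continuation lines (after a trailing "\") are skipped so that a
# word "user" inside a multi-line RUN is not mistaken for a USER instruction.
dockerfile_final_user() {
    awk '
        BEGIN { user = "root" }
        cont  { cont = ($0 ~ /\\[ \t]*$/); next }
        {
            cont  = ($0 ~ /\\[ \t]*$/)
            instr = toupper($1)
        }
        instr == "FROM" { user = "root" }
        instr == "USER" { user = $2 }
        END   { print user }
    ' "$1"
}

# Return 0 if /init would start as root, 1 (with a message) otherwise.
check_init_runs_as_root() {
    user=$(dockerfile_final_user "$1")
    user=${user%%:*}                      # drop an optional ":group" suffix
    case "$user" in
        root|0) return 0 ;;
        *)
            echo "$1: final USER is '$user'; /init cannot create /var/run/s6 as non-root in this image" >&2
            return 1 ;;
    esac
}

# Constructed sample: the Dockerfile from this thread.
sample=$(mktemp)
cat > "$sample" <<'EOF'
FROM jitsi:jvb-6865
RUN groupadd -g 990 fcjitsi && \
    useradd -r -u 990 -g fcjitsi fcjvb
USER fcjvb
EOF
check_init_runs_as_root "$sample" || echo "lint: image would exit at container start"
rm -f "$sample"
```

The lint only inspects the Dockerfile; a user passed at run time with `docker run --user` is outside what it can see.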