truss icon indicating copy to clipboard operation
truss copied to clipboard
verified publisher icon metaverse

Running truss in docker outputs a root owned service in linux

Open zaquestion opened this issue 8 years ago • 2 comments

#138 Introduced a new Dockerfile. When run however the resulting service has the permissions of the docker image's internal root user. As such root permissions are required to fix (chown user output-service)

This isn't the first time we've dealt with this issue in docker. One might try to use a similar tactic as here: https://github.com/TuneLab/go-truss/pull/69/files#diff-c156c1a4ece69c66740e58eee2ec9cd7 Note since we are using alpine the commands are going to be different.

zaquestion avatar Jan 25 '17 00:01 zaquestion

Noting here that if

docker cp

is used, then the file into and out of the container have the same permissions as the user which invoked the docker cp command. As apposed to docker volumes, which can vary by system.

This could be useful in fixing this problem. May come back to it sometime myself. But others are welcome.

adamryman avatar May 04 '17 04:05 adamryman

Multi-stage builds should simplify this further: https://docs.docker.com/engine/userguide/eng-image/multistage-build/#use-multi-stage-builds

zaquestion avatar Aug 03 '17 20:08 zaquestion