Integrate nss_wrapper

[mbrodala]

Are there any chances to have the nss_wrapper library integrated?

This would avoid issues with Docker containers launched with different UID/GID as can be seen by the I have no name! in the shell prompt and the dreaded No user exists for uid 0 when using ssh.

I have tried to integrate this locally using an entrypoint.d script but aside from the fact that I don't have access to the container GID (only UID via CONTAINER_UID) container startup then fails:

...
-> Executing /opt/docker/provision/entrypoint.d/99-nss-wrapper.sh
-> Executing /opt/docker/bin/service.d/supervisor.d//10-init.sh
Error: Invalid sockchown value root:root
For help, use /usr/bin/supervisord -h

My custom Dockerfile:

FROM webdevops/php-apache-dev:7.2

RUN apt-get update && \
apt-get install -y libnss-wrapper && \
rm -rf /var/lib/apt/lists/*

COPY ./entrypoint.d/99-nss-wrapper.sh /opt/docker/provision/entrypoint.d/

The 99-nss-wrapper.sh script:

#!/bin/sh

echo "app:x:${CONTAINER_UID}:${CONTAINER_UID}::/home/application:/bin/bash" > /etc/passwd.nss
echo "app:x:${CONTAINER_UID}:" > /etc/group.nss

export NSS_WRAPPER_PASSWD=/etc/passwd.nss
export NSS_WRAPPER_GROUP=/etc/group.nss
export LD_PRELOAD=libnss_wrapper.so

[htuscher]

Sounds interesting, never heard of it. Will investigate as soon as I have some spare time left.