Dockerfile
Dockerfile copied to clipboard
Integrate nss_wrapper
Are there any chances to have the nss_wrapper library integrated?
This would avoid issues with Docker containers launched with different UID/GID as can be seen by the I have no name!
in the shell prompt and the dreaded No user exists for uid 0
when using ssh
.
I have tried to integrate this locally using an entrypoint.d
script but aside from the fact that I don't have access to the container GID (only UID via CONTAINER_UID
) container startup then fails:
...
-> Executing /opt/docker/provision/entrypoint.d/99-nss-wrapper.sh
-> Executing /opt/docker/bin/service.d/supervisor.d//10-init.sh
Error: Invalid sockchown value root:root
For help, use /usr/bin/supervisord -h
My custom Dockerfile
:
FROM webdevops/php-apache-dev:7.2
RUN apt-get update && \
apt-get install -y libnss-wrapper && \
rm -rf /var/lib/apt/lists/*
COPY ./entrypoint.d/99-nss-wrapper.sh /opt/docker/provision/entrypoint.d/
The 99-nss-wrapper.sh
script:
#!/bin/sh
echo "app:x:${CONTAINER_UID}:${CONTAINER_UID}::/home/application:/bin/bash" > /etc/passwd.nss
echo "app:x:${CONTAINER_UID}:" > /etc/group.nss
export NSS_WRAPPER_PASSWD=/etc/passwd.nss
export NSS_WRAPPER_GROUP=/etc/group.nss
export LD_PRELOAD=libnss_wrapper.so
Sounds interesting, never heard of it. Will investigate as soon as I have some spare time left.