Commit 3df771f

authored

Check the logged user instead of $USER (#3330)

* Check the logged user instead of $USER Given that `sudo usermod --login "$DOCKER_USER" coder` and `sudo groupmod -n "$DOCKER_USER" coder` modify the container's disk it'll persist across restarts, but environment variables will be reset to whatever state they had at the end of `Dockerfile`. In this case, `$USER` is set to `coder`, so this branch will always be true. By checking with the output of `whoami`, which gets it's information from `/etc/passwd`, we make sure to get the real logged user and not the one defined by $USER. We also move `USER="$DOCKER_USER"` out of the branch, since we always want this to happen at entry-point. If we don't do this assignment, $USER will contain `coder` upon restart. * Update entrypoint.sh Check `$DOCKER_USER` was defined before copying it to `$USER`.

1 parent 014d746 commit 3df771fCopy full SHA for 3df771f

File tree

1 file changed

-8

lines changed

ci/release-image
- entrypoint.sh

1 file changed

-8

lines changed

`‎ci/release-image/entrypoint.sh‎`

Lines changed: 9 additions & 8 deletions

Original file line number	Diff line number	Diff line change
`@@ -5,16 +5,17 @@ set -eu`
`5`	`5`	`# Otherwise the current container UID may not exist in the passwd database.`
`6`	`6`	`eval "$(fixuid -q)"`
`7`	`7`
`8`		`-if [ "${DOCKER_USER-}" ] && [ "$DOCKER_USER" != "$USER" ]; then`
`9`		`- echo "$DOCKER_USER ALL=(ALL) NOPASSWD:ALL" \| sudo tee -a /etc/sudoers.d/nopasswd >/dev/null`
`10`		`- # Unfortunately we cannot change $HOME as we cannot move any bind mounts`
`11`		`- # nor can we bind mount $HOME into a new home as that requires a privileged container.`
`12`		`- sudo usermod --login "$DOCKER_USER" coder`
`13`		`- sudo groupmod -n "$DOCKER_USER" coder`
`14`		`-`
	`8`	`+if [ "${DOCKER_USER-}" ]; then`
`15`	`9`	`USER="$DOCKER_USER"`
	`10`	`+ if [ "$DOCKER_USER" != "$(whoami)" ]; then`
	`11`	`+ echo "$DOCKER_USER ALL=(ALL) NOPASSWD:ALL" \| sudo tee -a /etc/sudoers.d/nopasswd >/dev/null`
	`12`	`+ # Unfortunately we cannot change $HOME as we cannot move any bind mounts`
	`13`	`+ # nor can we bind mount $HOME into a new home as that requires a privileged container.`
	`14`	`+ sudo usermod --login "$DOCKER_USER" coder`
	`15`	`+ sudo groupmod -n "$DOCKER_USER" coder`
`16`	`16`
`17`		`- sudo sed -i "/coder/d" /etc/sudoers.d/nopasswd`
	`17`	`+ sudo sed -i "/coder/d" /etc/sudoers.d/nopasswd`
	`18`	`+ fi`
`18`	`19`	`fi`
`19`	`20`
`20`	`21`	`dumb-init /usr/bin/code-server "$@"`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 3df771f

File tree

1 file changed

1 file changed

`‎ci/release-image/entrypoint.sh‎`

0 commit comments