
In my Dockerfile I have this:

    FROM ubuntu
    RUN apt update && apt -y upgrade
    RUN apt install -y sudo
    # Set up the ops user with the default uid 1000 and gid 1000
    RUN useradd -d /home/myuser -G sudo myuser \
        && usermod -aG sudo root \
        && echo "%sudo   ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers

When I execute

    docker run -dit -u 1000:1000 myimage "/bin/bash"
    docker exec -it 23u898908 "/bin/bash"

I get

    myuser@23u898908$ id
    uid=1000(myuser) gid=1000(myuser) groups=1000(myuser)

    myuser@23u898908$ id myuser
    uid=1000(myuser) gid=1000(myuser) groups=1000(myuser),27(sudo)

    myuser@23u898908$ sudo ls
    file.txt

In other words, the groups are working, but they are not shown by the id command, although they are shown by the id myuser command. I'm just curious whether there is something I am missing, or is it by design?
If I execute

    myuser@23u898908$ sudo su -l myuser
    $ id
    uid=1000(myuser) gid=1000(myuser) groups=1000(myuser),27(sudo)

The expected behaviour is to show all groups with just the id command. Is this a bug, maybe?

2 Answers


  1. Chosen as BEST ANSWER

    Solved. Basically, the bash session needs to be terminated and re-established. This is done by adjusting the above commands in the Dockerfile and adding exit at the end of the last shell command, which forces a new bash session to be kicked off.

        RUN useradd -d /home/myuser -G sudo myuser \
            && usermod -aG sudo root \
            && echo "%sudo   ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers && exit
        USER myuser
        WORKDIR /home/myuser
    

    Now when I do docker run -dit myimage "/bin/bash" I get the $ prompt and $id produces the expected results. The catch is, there is no need to use --user 1000:1000 on the docker run command.


  2. You must log in again or restart the container to refresh it. id takes it for the current session.
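
Added example, not part of the original question or answers: plain `id` prints the group IDs the running process actually holds, while `id myuser` looks the user up in the account files, so the two disagree when a process is started with an explicit `uid:gid`. The script below compares both views for one user. The sample `passwd`, `group` and `status` files are constructed to mirror the container in the question, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: compare the GIDs a process holds (plain `id`) with the GIDs
# the account files grant a user (`id myuser`). Paths are parameters.

# GIDs held by a process: effective GID plus the supplementary "Groups:" list.
proc_gids() {  # $1 = /proc/<pid>/status file
    awk '/^Gid:/    { print $3 }
         /^Groups:/ { for (i = 2; i <= NF; i++) print $i }' "$1" | sort -n -u
}

# GIDs granted by the account files: primary GID from passwd plus every
# group in the group file that lists the user as a member.
db_gids() {  # $1 = user, $2 = passwd file, $3 = group file
    {
        awk -F: -v u="$1" '$1 == u { print $4 }' "$2"
        awk -F: -v u="$1" '{ n = split($4, m, ",")
                             for (i = 1; i <= n; i++) if (m[i] == u) print $3 }' "$3"
    } | sort -n -u
}

# GIDs granted by the account files that the process does not hold.
missing_gids() {  # $1 = user, $2 = passwd, $3 = group, $4 = status
    held=$(proc_gids "$4" | tr '\n' ' ')
    for g in $(db_gids "$1" "$2" "$3"); do
        case " $held " in
            *" $g "*) ;;
            *) echo "$g" ;;
        esac
    done
}

# Constructed sample files mirroring the container in the question.
SAMPLE=$(mktemp -d)
printf 'myuser:x:1000:1000::/home/myuser:/bin/sh\n' > "$SAMPLE/passwd"
printf 'sudo:x:27:root,myuser\nmyuser:x:1000:\n' > "$SAMPLE/group"
# Process started with an explicit uid:gid: it holds only GID 1000.
printf 'Gid:\t1000\t1000\t1000\t1000\nGroups:\t1000\n' > "$SAMPLE/status_uid_gid"
# Process started by user name: the groups from the group file were applied.
printf 'Gid:\t1000\t1000\t1000\t1000\nGroups:\t27 1000\n' > "$SAMPLE/status_by_name"

echo "explicit uid:gid is missing: $(missing_gids myuser "$SAMPLE/passwd" "$SAMPLE/group" "$SAMPLE/status_uid_gid")"
echo "by user name is missing:     $(missing_gids myuser "$SAMPLE/passwd" "$SAMPLE/group" "$SAMPLE/status_by_name")"
```

Inside a container, pass `/etc/passwd`, `/etc/group` and `/proc/self/status` to `missing_gids` to run the same comparison on the live process.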
