author | Akira Yokosawa <akiyks@gmail.com> | 2023-06-15 18:56:24 +0900 |
---|---|---|
committer | Paul E. McKenney <paulmck@kernel.org> | 2023-06-15 09:25:34 -0700 |
commit | aa639894504c55929e53cd9fcc63ff3f6bcc668d (patch) | |
tree | df62aad05ee0c6365bb7022c8540331911457b9c | |
parent | c80fa89674a3cca5f95acb7fd16104ac21909e57 (diff) | |
download | perfbook-aa639894504c55929e53cd9fcc63ff3f6bcc668d.tar.gz |
Dockerfile: Make uid:gid = 0:0 the default
Most container images at dockerhub and other repositories have
uid:gid = 0:0 by default.
This makes it possible to run commands to update or install packages
after invoking such images.
Furthermore, rootless-mode docker has become easier to install [1]
and podman is rootless by default.
Change the default uid:gid pair to 0:0 in our Dockerfiles.
(Dockerfile.bionic will soon be removed and is not updated here)
Update FAQ-BUILD.txt accordingly. Container images uploaded to
akiyks/perfbook-build will be for rootless mode by default from now
on.
akiyks/perfbook-build-focal and akiyks/perfbook-build-fedora
should be regarded as deprecated but will be kept for a while.
Link: [1] https://docs.docker.com/engine/security/rootless/
Signed-off-by: Akira Yokosawa <akiyks@gmail.com>
Signed-off-by: Paul E. McKenney <paulmck@kernel.org>
-rw-r--r-- | FAQ-BUILD.txt | 27 | ||||
-rw-r--r-- | docker/Dockerfile | 4 | ||||
-rw-r--r-- | docker/Dockerfile.fedora | 4 |
3 files changed, 16 insertions, 19 deletions
diff --git a/FAQ-BUILD.txt b/FAQ-BUILD.txt index e0fa0847..5867acd9 100644 --- a/FAQ-BUILD.txt +++ b/FAQ-BUILD.txt @@ -40,7 +40,7 @@ Alternatively, you can use the container image described in #13 below. Otherwise, instructions follow. - On Ubuntu Bionic and Focal, the following list should cover + On Ubuntu Bionic and later, the following list should cover necessary packages (except for -doc packages): texlive-publishers texlive-pstricks texlive-science texlive-fonts-extra 
@@ -296,42 +296,39 @@ subdirectory. You can pull the container image built from it as follows: - docker pull akiyks/perfbook-build-focal:latest + docker pull akiyks/perfbook-build:latest It can be run with the command: docker run --rm -it -v <path to perfbook dir>:/work \ - akiyks/perfbook-build-focal:latest + akiyks/perfbook-build:latest Note: - The prebuilt container image assumes <uid:pid> = <1000:1000>. - If you have different IDs, you can still run the image by + The prebuilt container image assumes rootless mode. + If you run root-mode docker, you can still run the image by adding the option: -u $(id -u):$(id -g) - to the "docker run" command. The bash prompt will be in the - form of "I have no name!@abcdef012345:/work$". Builds of - perfbook will nevertheless succeed. You can also build - a container image of your own: + to the "docker run" command. + + You can build a container image on your own: cd docker docker build -t <container image tag> \ --build-arg uid=$(id -u) --build-arg gid=$(id -g) . For those prefer a Fedora-based container image, - akiyks/perfbook-build-fedora:latest is also available. + akiyks/perfbook-build:fedora is also available. It is built from docker/Dockerfile.fedora. If you have podman already installed, you can run the image - with podman. podman maps container's root to your host uid - by default. - Use the following command to run: + with podman. podman runs in rootless mode by default. + Use the following command to run (Note the ":z" in the -v flag): podman run --rm -it -v <path to perfbook dir>:/work:z \ - -u 0:0 akiyks/perfbook-build-fedora:latest + akiyks/perfbook-build:fedora - You will see a prompt with a "#". Your updates under /work will have your host uid in host's POV. 14. It looks as if answers above all assume building under GNU/Linux diff --git a/docker/Dockerfile b/docker/Dockerfile index b1111649..ec89c6f2 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile 
@@ -17,8 +17,8 @@ WORKDIR /opt RUN curl https://gitlab.com/latexpand/latexpand/-/archive/v1.3/latexpand-v1.3.tar.gz -o - | tar xfz - && \ sed -i -e 's/@LATEXPAND_VERSION@/v1.3/' latexpand-*/latexpand && \ cp latexpand-*/latexpand /usr/local/bin -ARG uid=1000 -ARG gid=1000 +ARG uid=0 +ARG gid=0 ARG user=perfbook ARG group=perfbook RUN if [ $uid -ne 0 ] ; then \ diff --git a/docker/Dockerfile.fedora b/docker/Dockerfile.fedora index 9b5ed544..5eff2a2a 100644 --- a/docker/Dockerfile.fedora +++ b/docker/Dockerfile.fedora @@ -22,8 +22,8 @@ WORKDIR /opt RUN curl https://gitlab.com/latexpand/latexpand/-/archive/v1.3/latexpand-v1.3.tar.gz -o - | tar xfz - && \ sed -i -e 's/@LATEXPAND_VERSION@/v1.3/' latexpand-*/latexpand && \ cp latexpand-*/latexpand /usr/local/bin -ARG uid=1000 -ARG gid=1000 +ARG uid=0 +ARG gid=0 ARG user=perfbook ARG group=perfbook RUN if [ $uid -ne 0 ] ; then \ |
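Review bot: The "Bionic and Focal" to "Bionic and later" wording change in the first FAQ-BUILD.txt hunk (at -40) is unrelated to the uid:gid default and is not mentioned in the commit log. Consider moving it to its own commit, or add a line to the log saying the package list was confirmed on releases after Focal.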
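Review bot: In the FAQ-BUILD.txt hunk at -296, the new Note presents -u $(id -u):$(id -g) as something you "can still" add under root-mode docker, which reads as optional. With the image default now 0:0, leaving it out under root-mode docker runs the build as container root against the bind-mounted /work, and unless user namespace remapping is configured that is host root, so build output lands root-owned in the user's tree. Suggest wording it as a requirement, for example "If you run root-mode docker, add the option:". The removed sentence about the "I have no name!" prompt may also still apply in that case, if the prebuilt image has no passwd entry for the uid given to -u; consider keeping it under the root-mode instructions.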
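Review bot: The new "ARG uid=0" / "ARG gid=0" defaults in docker/Dockerfile (and the identical hunk in docker/Dockerfile.fedora) have no comment saying that they assume rootless docker or podman. A plain "docker build" now skips the "if [ $uid -ne 0 ]" branch, so anyone building for root-mode docker has to know to pass --build-arg uid=$(id -u) --build-arg gid=$(id -g). Suggest a short comment above the ARG lines stating the rootless assumption and pointing to the FAQ-BUILD.txt entry, so the security-relevant default is documented where it is set.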