SyntaxFix

[docker] Connect to docker container as user other than root

My solution:

#!/bin/bash
user_cmds="$@"

GID=$(id -g $USER)
UID=$(id -u $USER)
RUN_SCRIPT=$(mktemp -p $(pwd))
(
cat << EOF
addgroup --gid $GID $USER
useradd --no-create-home --home /cmd --gid $GID --uid $UID  $USER
cd /cmd
runuser -l $USER -c "${user_cmds}"
EOF
) > $RUN_SCRIPT

trap "rm -rf $RUN_SCRIPT" EXIT

docker run -v $(pwd):/cmd --rm my-docker-image "bash /cmd/$(basename ${RUN_SCRIPT})"

This allows the user to run arbitrary commands using the tools provides by my-docker-image. Note how the user's current working directory is volume mounted to /cmd inside the container.

I am using this workflow to allow my dev-team to cross-compile C/C++ code for the arm64 target, whose bsp I maintain (the my-docker-image contains the cross-compiler, sysroot, make, cmake, etc). With this a user can simply do something like:

cd /path/to/target_software
cross_compile.sh "mkdir build; cd build; cmake ../; make"

Where cross_compile.sh is the script shown above. The addgroup/useradd machinery allows user-ownership of any files/directories created by the build.

While this works for us. It seems sort of hacky. I'm open to alternative implementations ...

Examples related to docker

standard_init_linux.go:190: exec user process caused "no such file or directory" - Docker What is the point of WORKDIR on Dockerfile? E: gnupg, gnupg2 and gnupg1 do not seem to be installed, but one of them is required for this operation How do I add a user when I'm using Alpine as a base image? docker: Error response from daemon: Get https://registry-1.docker.io/v2/: Service Unavailable. IN DOCKER , MAC How to fix docker: Got permission denied issue pull access denied repository does not exist or may require docker login Docker error: invalid reference format: repository name must be lowercase Docker: "no matching manifest for windows/amd64 in the manifest list entries" OCI runtime exec failed: exec failed: (...) executable file not found in $PATH": unknown

Examples related to containers

How do I stretch an image to fit the whole background (100% height x 100% width) in Flutter? How to get IP address of running docker container What's the difference between ClusterIP, NodePort and LoadBalancer service types in Kubernetes? How to run a cron job inside a docker container? Connect to docker container as user other than root Starting a shell in the Docker Alpine container Docker error cannot delete docker container, conflict: unable to remove repository reference How can I keep a container running on Kubernetes? List only stopped Docker containers docker: "build" requires 1 argument. See 'docker build --help'

Examples related to root

SQLSTATE[HY000] [1698] Access denied for user 'root'@'localhost' Connect to docker container as user other than root MySQL user DB does not have password columns - Installing MySQL on OSX vagrant login as root by default adb shell su works but adb root does not Android: adbd cannot run as root in production builds How to get domain root url in Laravel 4? Import Certificate to Trusted Root but not to Personal [Command Line] How to check if running as root in a bash script Access Denied for User 'root'@'localhost' (using password: YES) - No Privileges?