如何设置将所有环境变量从root用户复制到另一个特定用户 [英] How to set copy all environment variables from root user to another specific user

问题描述

在我的docker容器中，我正在从 entrypoint.sh 中的特定用户运行命令：

In my docker container I am running a command as a specific user like this from entrypoint.sh:

sudo -u appuser$ @

这工作正常，但是，它没有设置任何在运行容器时使用 - link 选项创建的环境变量。

This works fine, however, it doesn't set any of the environment variables that get created by using the --link option while running the container.

问题

是否可以设置所有环境变量root用户到某个其他特定用户（在本示例中为 appuser ）

Is it possible to set all environment variables that exist for a root user to some other specific user (in this example appuser)

注意：此讨论的相关问题。这就是为什么我不能只使用 USER 命令如何给Docker容器访问安装在主机上的卷的非root用户

Note: related question to this discussion. This is the reason I can't just use the USER command How to give non-root user in Docker container access to a volume mounted on the host

推荐答案

sudo 命令，因为它被设计为特权升级的工具在切换到新的用户标识之前有意地清理环境。如果您查看 sudo 手册页，您会发现：

The sudo command, because it is designed as a tool for privilege escalation, intentionally sanitizes the environment before switching to a new user id. If you take a look at the sudo man page, you'll find:

 -E, --preserve-env
             Indicates to the security policy that the user wishes to preserve their existing
             environment variables.  The security policy may return an error if the user does not
             have permission to preserve the environment.

所以而不是 sudo -u appuser somecommand ，只需使用 sudo -E -u appuser somecommand 。

So instead of sudo -u appuser somecommand, just use sudo -E -u appuser somecommand.

runuser 命令由最新版本的Ubuntu中的 util-linux 包提供，默认情况下不执行任何环境初始化。例如：

The runuser command is provided by the util-linux package in recent versions of Ubuntu, and does not perform any environment initialization by default. For example:

$ docker pull ubuntu
$ docker run -it --rm ubuntu /bin/bash
root@ded49ffde72e:/# runuser --help

Usage:
 runuser [options] -u <user> <command>
 runuser [options] [-] [<user> [<argument>...]]
[...]

使用Ubuntu Xenial（但是 runuser 命令也似乎在 ubuntu：vivid 上可用，但是不是可以在 ubuntu：trusty 下找到。

This is with Ubuntu Xenial (but the runuser command also appears to be available on ubuntu:vivid, but is not available under ubuntu:trusty).

所以你的选择是：

• 使用 sudo -E 或


• Ubuntu映像

这篇关于如何设置将所有环境变量从root用户复制到另一个特定用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！