Docker撰写文件所有权 [英] Docker compose file ownership

查看:57
本文介绍了Docker撰写文件所有权的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我使用Docker Compose创建了Django项目:

I created Django project with Docker Compose:

Dockerfile

Dockerfile

FROM python:2.7

ENV PYTHONUNBUFFERED 1

RUN mkdir /code
WORKDIR /code
ADD . /code/

RUN pip install -r requirements.txt

WORKDIR /code/example
ENTRYPOINT ["python", "manage.py"]

docker-compose.yml

docker-compose.yml

postgres:
  image: postgres
  ports:
  - '5432:5432'

django-project:
  build: .
  command: runserver 0.0.0.0:8000
  volumes:
  - .:/code
  ports:
  - '8000:8000'
  links:
  - postgres

效果很好.但是,通过容器"django-project"创建的所有新文件都具有root所有者和组.

It work nice. But all new files which create through container 'django-project' have root owner and group.

我尝试在容器 django-project 的Compose配置中添加 user:user .但出现异常找不到用户用户.

I try add user: user in Compose config for container django-project. But got exception User user not found.

我尝试在具有代码的容器中添加 user :

I try add user in container with code:

ENV HOME_USER user
ENV HOME_PASS password

RUN useradd -m -s /bin/bash ${HOME_USER} && \
    echo "${HOME_USER}:${HOME_PASS}"|chpasswd && \
    adduser ${HOME_USER} sudo && \
    echo ${HOME_USER}' ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers

但是例外仍然存在.

我如何对将通过docker容器创建的所有新文件应用非root用户所有权?

How I can apply non-root ownership for all new files which will create through docker container?

推荐答案

如果您的 useradd 工作正常,那么最后一个难题就是在Dockerfile中切换到该用户以在运行特定命令时运行该命令.容器已构建:
https://docs.docker.com/engine/reference/builder/#user

if your useradd worked then the last piece of the puzzle is to switch to that user in the Dockerfile to run particular commands when the container is built:
https://docs.docker.com/engine/reference/builder/#user

请注意,在docker-compose.yml中指定 user:user 仅会影响启动容器时运行的最终过程(即 ENTRYPOINT CMD )
https://docs.docker.com/engine/reference/run/#user

Note that specifying user: user in the docker-compose.yml only affects the final process that's run when you start the container (i.e. the ENTRYPOINT or CMD)
https://docs.docker.com/engine/reference/run/#user

所以您需要:

FROM python:2.7

ENV PYTHONUNBUFFERED 1

ENV HOME_USER user
ENV HOME_PASS password

RUN useradd -m -s /bin/bash ${HOME_USER} && \
    echo "${HOME_USER}:${HOME_PASS}"|chpasswd && \
    adduser ${HOME_USER} sudo && \
    echo ${HOME_USER}' ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers

USER user

RUN mkdir /code
WORKDIR /code
ADD . /code/

RUN pip install -r requirements.txt

WORKDIR /code/example
ENTRYPOINT ["python", "manage.py"]

或者,您可以以 root 用户身份运行所有内容,但可以将所有文件作为Dockerfile中的 RUN 步骤进行 chown :

Alternatively you could run everything as root user but chown all the files as a RUN step in the Dockerfile:

FROM python:2.7

ENV PYTHONUNBUFFERED 1

ENV HOME_USER user
ENV HOME_PASS password

RUN useradd -m -s /bin/bash ${HOME_USER} && \
    echo "${HOME_USER}:${HOME_PASS}"|chpasswd && \
    adduser ${HOME_USER} sudo && \
    echo ${HOME_USER}' ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers

RUN mkdir /code
WORKDIR /code
ADD . /code/

RUN chown -R user /code

RUN pip install -r requirements.txt

WORKDIR /code/example
ENTRYPOINT ["python", "manage.py"]

这篇关于Docker撰写文件所有权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆