在一个预构建的Docker容器（jenkins）中更改用户的uid [英] Changing the user's uid in a pre-build docker container (jenkins)

问题描述

我是新来的码头工作者，所以如果这是一个相当明显的过程，我失踪了，我对前面的愚蠢的问题表示道歉。

我正在设置使用 jenkins docker映像创建一个连续集成服务器。我做了一个 docker pull jenkins ，并创建了一个用户 jenkins ，让我挂载在容器中的/ var / jenkins_home 到我的主机的 / var / jenkins_home （也由 jenkins：jenkins user）。

问题是容器似乎用uid 102定义了 jenkins ，但是我的主持人将 jenkins 用户设为1002，所以当我运行它时，我得到：

 ＃code> docker run --name jenkins -u jenkins -p 8080 -v / var / jenkins_home：/ var / jenkins_home jenkins 
 /usr/local/bin/jenkins.sh：第25行：/ var /jenkins_home/copy_reference_file.log：权限被拒绝
  

我只会让主机的 jenkins 用户在 / etc / passwd 中为102，但是这个uid已经被sshd占用了。我认为解决方案是将容器更改为使用uid 1002，但我不知道如何。

编辑

实际上，主机上的用户102是messagebus，而不是sshd。

解决方案

假设没有其他用户具有UID 1002，只需更改 / etc / passwd 中的UID。

需要将主机上的 / var / jenkins_home 的所有权更改为UID 1002：

  chown -R jenkins / var / jenkins_home 
  

其实你甚至不会需要一个 jenkins 用户在主机上执行此操作;你可以简单地运行：

  chown -R 1002 / var / jenkins_home 
  pre> 
 
 
即使没有用户可以在本地使用UID 1002，这将会起作用。
 
 
 
另一个解决方案是根据Jenkins图像构建您自己的码头图像，该图像有一个 ENTRYPOINT 脚本，看起来像：
 ＃！/ bin / sh 
 chown -R jenkins / var / jenkins_home 
 exec$ @
  
这将（递归） chown   / var / jenkins_home  里面的容器到$ code> jenkins 用户使用的UID（这假设你的Docker包含以$ code> root开头，除非在图片的历史中有 USER 指令，否则为true）。
 
 
 
 更新 
 
 
 
您可以根据（ FROM）创建一个新的 ... ）jenkins图像，具有执行必要条件的Dockerfile y编辑到 / etc / passwd 文件。但是，似乎很多工作没有多少收获。您不清楚为什么要在主机上创建 jenkins 用户，或者您实际需要访问主机上的jenkins主目录。
 
 
 
如果您正在做的是提供数据持久性，请考虑使用数据卷容器和  - 卷从而不是主机卷，因为这将与您的主机隔离数据卷，以便UID冲突不会引起混淆。
 
I am new to docker, so if this is a fairly obvious process that I am missing, I do apologize for the dumb question up front.

I am setting up a continuous integration server using the jenkins docker image.  I did a docker pull jenkins, and created a user jenkins to allow me to mount the /var/jenkins_home in the container to my host's /var/jenkins_home (also owned by jenkins:jenkins user).

the problem is that the container seems to define the jenkins user with uid 102, but my host has the jenkins user as 1002, so when I run it I get:
docker run --name jenkins -u jenkins -p 8080 -v /var/jenkins_home:/var/jenkins_home jenkins
/usr/local/bin/jenkins.sh: line 25: /var/jenkins_home/copy_reference_file.log: Permission denied
I would simply make the uid for the host's jenkins user be 102 in /etc/passwd, but that uid is already taken by sshd.  I think the solution is to change the container to use uid 1002 instead, but I am not sure how.

Edit

Actually, user 102 on the host is messagebus, not sshd.
解决方案
You can simply change the UID in /etc/passwd, assuming that no other user has UID 1002.

You will then need to change the ownership of /var/jenkins_home on your host to UID 1002:
chown -R jenkins /var/jenkins_home
In fact, you don't even need a jenkins user on the host to do this; you can simply run:
chown -R 1002 /var/jenkins_home
This will work even if there is no user with UID 1002 available locally.

Another solution is to build your own docker image, based on the Jenkins image, that has an ENTRYPOINT script that looks something like:
#!/bin/sh
chown -R jenkins /var/jenkins_home 
exec "$@"
This will (recursively) chown /var/jenkins_home inside the container to whatever UID is used by the jenkins user (this assumes that your Docker contains is starting as root, which is true unless there was a USER directive in the history of the image).

Update

You can create a new image, based on (FROM ...) the jenkins image, with a Dockerfile that performs the necessary edits to the /etc/passwd file.  But that seems a lot of work for not much gain.  It's not clear why you're creating jenkins user on the host or if you actually need access to the jenkins home directory on the host.

If all you're doing is providing data persistence, consider using a data volume container and --volumes-from rather than a host volume, because this will isolate the data volume from your host so that UID conflicts don't cause confusion.

                        
这篇关于在一个预构建的Docker容器（jenkins）中更改用户的uid的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！