我在docker中创建了用户“ros”,并将其添加到组“sudo”中,如下面的docker脚本所示。
FROM ubuntu:20.04
[...]
RUN useradd --create-home --shell /bin/bash -G sudo ros
[...]然而,该集团添加从来没有成功。我也试过“usermod -aG sudo ros”,结果是一样的。
下面是我使用的环境的简要描述:主机:ubuntu 20.04 on x64 Docker镜像:基于ubuntu 20.04
重新启动docker容器后,我使用命令'id'检查,似乎用户没有添加到“sudo”组中。我还检查了/etc/group,但它显示用户“ros”在组“sudo”中。
目前,我正在使用“exec newgrp sudo”为我的工作。但是,我也想将用户添加到组“dialout”,同样的问题仍然存在,所以我需要知道如何将用户添加到Docker中的某个组。
有谁知道我会错过哪一步吗?如果我需要提供任何其他信息,请通知我。
编辑:以下是/etc/group文件和docker inspect输出:/etc/group文件
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:ros
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:ros
audio:x:29:pulse
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
systemd-timesync:x:101:
systemd-journal:x:102:
systemd-network:x:103:
systemd-resolve:x:104:
messagebus:x:105:
input:x:106:
kvm:x:107:
render:x:108:
bluetooth:x:109:
rdma:x:110:
rtkit:x:111:
ssh:x:112:
netdev:x:113:
lpadmin:x:114:
avahi:x:115:
scanner:x:116:saned
saned:x:117:
colord:x:118:
geoclue:x:119:
pulse:x:120:
pulse-access:x:121:
gdm:x:122:
ros:x:1000:和docker检查:
[
{
"Id": "d5d54dc25c439cd417bd661a3c97c62001f69abc1946a461c2c93911c493db28",
"Created": "2023-06-01T18:42:44.891896943Z",
"Path": "/bin/bash",
"Args": [],
"State": {
"Status": "exited",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 0,
"Error": "",
"StartedAt": "2023-06-02T19:04:55.495093038Z",
"FinishedAt": "2023-06-02T20:58:27.280446972Z"
},
"Image": "sha256:d0e177ece3e530e3ef524973fa0da513c294d0ec5ca1ebd1f7d98bfede55921c",
"ResolvConfPath": "/var/lib/docker/containers/d5d54dc25c439cd417bd661a3c97c62001f69abc1946a461c2c93911c493db28/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/d5d54dc25c439cd417bd661a3c97c62001f69abc1946a461c2c93911c493db28/hostname",
"HostsPath": "/var/lib/docker/containers/d5d54dc25c439cd417bd661a3c97c62001f69abc1946a461c2c93911c493db28/hosts",
"LogPath": "/var/lib/docker/containers/d5d54dc25c439cd417bd661a3c97c62001f69abc1946a461c2c93911c493db28/d5d54dc25c439cd417bd661a3c97c62001f69abc1946a461c2c93911c493db28-json.log",
"Name": "/ros_host_container",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "unconfined",
"ExecIDs": null,
"HostConfig": {
"Binds": [
"/dev:/dev:rw",
"/tmp/.X11-unix:/tmp/.X11-unix:rw",
"/home/brad/Documents/ROS_Docker/ros_ws:/home/ros:rw"
],
"ContainerIDFile": "",
"LogConfig": {
"Type": "json-file",
"Config": {}
},
"NetworkMode": "host",
"PortBindings": {},
"RestartPolicy": {
"Name": "no",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"ConsoleSize": [
53,
203
],
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": [],
"DnsOptions": [],
"DnsSearch": [],
"ExtraHosts": [
"ros_host:127.0.1.1"
],
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": true,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": [
"label=disable"
],
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"Isolation": "",
"CpuShares": 0,
"Memory": 0,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": [],
"BlkioDeviceReadBps": [],
"BlkioDeviceWriteBps": [],
"BlkioDeviceReadIOps": [],
"BlkioDeviceWriteIOps": [],
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": [],
"DeviceCgroupRules": null,
"DeviceRequests": null,
"MemoryReservation": 0,
"MemorySwap": 0,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": null,
"ReadonlyPaths": null
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/84aac4a21d23a1eadc4b299b991ef5310fb76ca7838862c3fe96be04b48276e8-init/diff:/var/lib/docker/overlay2/ehi01rxf9psji3wdqh0ceh4l2/diff:/var/lib/docker/overlay2/hz354wg6wvqnnq4hkkim5i2he/diff:/var/lib/docker/overlay2/rkoxnsot1rjmkqzjznkne212u/diff:/var/lib/docker/overlay2/qhhufik40l2u3sbg3g3bekh7k/diff:/var/lib/docker/overlay2/wkawb3bz67kf5w2w3tb22pndy/diff:/var/lib/docker/overlay2/6c9pq3knt3htqduczp5e0zpaw/diff:/var/lib/docker/overlay2/cm18ircdncmc898dhsjujst6p/diff:/var/lib/docker/overlay2/xdpt9aurjd7zs3aj27gfu28qg/diff:/var/lib/docker/overlay2/z6763fohr2y46yava6mwkyvhz/diff:/var/lib/docker/overlay2/ataomfrks99j5voyt076yvjnx/diff:/var/lib/docker/overlay2/7c7prvcl9o2pb9zjbesxxen39/diff:/var/lib/docker/overlay2/cfm9k0u58fmokb51h4bozlkyy/diff:/var/lib/docker/overlay2/n3blum7x2af46pn2p1cckay42/diff:/var/lib/docker/overlay2/laar7nipcxj7f10mf56ugnspj/diff:/var/lib/docker/overlay2/6axou0lzc37eqh7weh3l1aonf/diff:/var/lib/docker/overlay2/yo24sspq5wmrcmt7opcjt9y05/diff:/var/lib/docker/overlay2/xrbl7tub5majkcunf3wdezuew/diff:/var/lib/docker/overlay2/pnlfdbqh47qzjy5y3gh10zd5v/diff:/var/lib/docker/overlay2/1c117fda1704d91763f47ee084b86d64658f24c0a7b1fdd998c068dae99147d3/diff",
"MergedDir": "/var/lib/docker/overlay2/84aac4a21d23a1eadc4b299b991ef5310fb76ca7838862c3fe96be04b48276e8/merged",
"UpperDir": "/var/lib/docker/overlay2/84aac4a21d23a1eadc4b299b991ef5310fb76ca7838862c3fe96be04b48276e8/diff",
"WorkDir": "/var/lib/docker/overlay2/84aac4a21d23a1eadc4b299b991ef5310fb76ca7838862c3fe96be04b48276e8/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "bind",
"Source": "/dev",
"Destination": "/dev",
"Mode": "rw",
"RW": true,
"Propagation": "rprivate"
},
{
"Type": "bind",
"Source": "/home/brad/Documents/ROS_Docker/ros_ws",
"Destination": "/home/ros",
"Mode": "rw",
"RW": true,
"Propagation": "rprivate"
},
{
"Type": "bind",
"Source": "/tmp/.X11-unix",
"Destination": "/tmp/.X11-unix",
"Mode": "rw",
"RW": true,
"Propagation": "rprivate"
}
],
"Config": {
"Hostname": "ros_host",
"Domainname": "",
"User": "1000:1000",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": true,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"DISPLAY=:0",
"QT_X11_NO_MITSHM=1",
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Cmd": [
"/bin/bash"
],
"Image": "ros_host",
"Volumes": null,
"WorkingDir": "/home/ros",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"org.opencontainers.image.ref.name": "ubuntu",
"org.opencontainers.image.version": "20.04"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "94f374ee1feaf9ffb30b46db69a2168116c2e775d2f98279302640c17e23b63b",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/default",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"host": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "8bce69e66b65a905c2ecb6ff8e80ff482dc55f6a582e2d47f13c94383c6c4c3c",
"EndpointID": "",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "",
"DriverOpts": null
}
}
}
}
]
2条答案
按热度按时间avwztpqn1#
它看起来像是将用户设置为
1000:1000。显式设置用户和组时,不会配置辅助组。您应该仅使用指定的用户运行容器。这可以在你的Dockerfile中完成,或者更可能在你运行容器的地方完成。2skhul332#
"User": "1000:1000",当你执行
--suer 1000:1000时,你只会得到1000:1000。使用--user 1000或--user ros-这将从/etc/groups拉取组。或者使用--user 1000:1000 --group-add 27。