You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
I try to slim one of my container based on UBUNTU:18.04,
I've a x30 minify performance that is really great but I've a sudo command issue which I can't get rid of.
In my Dockerfile, I've an 'apt-get install sudo' command in a bash script called by the ENTRYPOINT
and I need it to load a driver at container start-up due to a USER switch.
The bash file contains this line: sudo /etc/init.d/<cmd> start
When I check the docker logs stdout, I've the following issue: sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
I tried to escalade the issue, using docker exec command in root mode, and I checked the file permission that should be 4755. docker exec --user root -it 01 bash
bash-4.4# stat -c "%a" /usr/bin/sudo
755
In the container execution (docker exec --user root -it bash), I was able to change the sudo file permission (chmod 4755 /usr/bin/sudo) and after that, if I re execute the container the current user, I was able to execute the sudo command.
So, I think that my issue is related to a file permission.
Here is the docker-slim build command I used, but It doesn't fix the sudo permission issue:
Hello,
I try to slim one of my container based on UBUNTU:18.04,
I've a x30 minify performance that is really great but I've a sudo command issue which I can't get rid of.
In my Dockerfile, I've an 'apt-get install sudo' command in a bash script called by the ENTRYPOINT
and I need it to load a driver at container start-up due to a USER switch.
The bash file contains this line:
sudo /etc/init.d/<cmd> start
When I check the docker logs stdout, I've the following issue:
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
I tried to escalade the issue, using docker exec command in root mode, and I checked the file permission that should be 4755.
docker exec --user root -it 01 bash
bash-4.4# stat -c "%a" /usr/bin/sudo
755
In the container execution (docker exec --user root -it bash), I was able to change the sudo file permission (chmod 4755 /usr/bin/sudo) and after that, if I re execute the container the current user, I was able to execute the sudo command.
So, I think that my issue is related to a file permission.
Here is the docker-slim build command I used, but It doesn't fix the sudo permission issue:
docker-slim build --include-shell \ --include-exe='/bin/chmod' \ --include-exe='/bin/chown' \ --include-exe='/usr/bin/stat' \ --include-path='/usr/bin/sudo:4755' \ --include-path='/usr/lib' \ --include-path='/usr/tmp' \ --include-path='/var/tmp' \ my_container:ubuntu
I've also tried with others switch such as --path-perms-file='/usr/bin/sudo:4755' but with no luck.
Any idea to apply to resolve this issue ? Thanks.
The text was updated successfully, but these errors were encountered: