default user ID?
View options
I noticed that the CMSSW standalone container runs as cmsuser with ID 501:
$ docker run -i -t --rm clelange/cmssw:5_3_32 /usr/bin/id
uid=501(cmsusr) gid=501(cmsusr) groups=501(cmsusr)This creates some permission issues when running the container in a laptop development kind of situation when my local disk is mounted as a volume to the running process.
Is the cmsuser necessary?
- If yes, could the user ID be set to 1000? This is equal to the first user ID of a Linux system, making development easier when sharing volumes and writing files from inside and outside the container. This is what we usually do in our various projects, for example:
$ grep reanauser Dockerfile
RUN adduser --uid 1000 --disabled-password --gecos '' reanauser && \
chown -R reanauser:reanauser /code
USER reanauser
$ docker run -i -t --rm reanahub/reana-job-controller /usr/bin/id
uid=1000(reanauser) gid=1000(reanauser) groups=1000(reanauser)- If not, what about keeping some
rootrights?
$ grep -A1 invenio Dockerfile
RUN adduser --uid 1000 invenio --gid 0 && \
chown -R invenio:root /code
USER 1000
$ docker run -i -t --rm cernopendata/web /usr/bin/id
uid=1000(invenio) gid=0(root) groups=0(root)This would make running things easier both locally and on K8s.
Link items together to show that they're related or that one is blocking others.