Fullaxx
commented
5 years ago I am not opposed to the idea, although I am very new to docker and still learning. I'll do some research on this. Thanks for for spending time on my little project!
Closed CWempe closed 5 years ago
Fullaxx
commented
5 years ago I am not opposed to the idea, although I am very new to docker and still learning. I'll do some research on this. Thanks for for spending time on my little project!
CWempe
commented
5 years ago I am no expert either. 😄
Maybe I find some time the next days to tackle this issue.
CWempe
commented
5 years ago I think I will try this: https://boxboat.com/2017/07/25/fixuid-change-docker-container-uid-gid/
Fullaxx
commented
5 years ago ok, let me make sure I understand the problem that we are attempting to solve: The files in the output directory are owned as root? and there should be a more convenient way to interact with completed files on the host with your host user?
CWempe
commented
5 years ago Yes.
the container saves the downloaded files as root:root in the /out folder.
My Host is sharing this folder via samba.
Having files as root:root in a samba share does not work great in my experience.
A dirty work around would be to chown/chmod the files via cronjob. 😄
I think the hardest part of this issue is to run the vnc server as non-root if that is even possible.
Or to run vnc server as root but BiglyBT as non-root in the correct vnc session.
Fullaxx
commented
5 years ago After talking with a friend of mine (who is much more knowledgeable on docker than myself) he suggested creating a user in the container to run VNC/OpenBox/BiglyBT and using ENV variables to map that container user to a host user. I will look into this over the next couple days.
CWempe
commented
5 years ago Just a quick update.
I am successfully running BiglyBT as another user and can see it via vnc. :)
diff --git a/Dockerfile b/Dockerfile
index 3c04035..700c5a9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,12 +7,14 @@ MAINTAINER Brett Kuskie <fullaxx@gmail.com>
# Set environment variables
ENV DEBIAN_FRONTEND noninteractive
ENV LANG C
+ENV BIGLYBT_USER biglybt
# ------------------------------------------------------------------------------
# Install openjdk-8 and clean up
@@ -23,26 +25,33 @@ RUN apt-get update && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /var/tmp/* /tmp/*
+RUN groupadd -g 1000 ${BIGLYBT_USER} && \
+ useradd -rm -d /home/${BIGLYBT_USER} -s /bin/bash -u 1000 -g 1000 ${BIGLYBT_USER}
+
# ------------------------------------------------------------------------------
# Install BiglyBT
RUN wget -q https://files.biglybt.com/installer/BiglyBT_Installer.sh \
- -O /app/BiglyBT_Installer.sh && chmod +x /app/BiglyBT_Installer.sh && \
- USER="root" app_java_home="/usr/lib/jvm/java-11-openjdk-amd64/" /app/BiglyBT_Installer.sh -q && \
+ -O /app/BiglyBT_Installer.sh && \
+ chmod +x /app/BiglyBT_Installer.sh && \
+ chown ${BIGLYBT_USER}:${BIGLYBT_USER} /app/BiglyBT_Installer.sh && \
+ echo "su biglybt -c '/usr/local/biglybt/biglybt' &" >> /root/.config/openbox/autostart && \
echo >> /root/.config/openbox/autostart && \
- echo "/usr/local/biglybt/biglybt &" >> /root/.config/openbox/autostart && \
+ USER="${BIGLYBT_USER}" app_java_home="/usr/lib/jvm/java-11-openjdk-amd64/" /app/BiglyBT_Installer.sh -q && \
rm /app/BiglyBT_Installer.sh
# ------------------------------------------------------------------------------
# Provide default BiglyBT config
COPY conf/biglybt.config /usr/share/biglybt/biglybt.config.default
+RUN chown ${BIGLYBT_USER}:${BIGLYBT_USER} /usr/share/biglybt/biglybt.config.default
# ------------------------------------------------------------------------------
# Install startup scripts
COPY app/*.sh /app/
+RUN chown ${BIGLYBT_USER}:${BIGLYBT_USER} -R /app/
# ------------------------------------------------------------------------------
# Identify Volumes
-VOLUME /root/.biglybt
+VOLUME /home/${BIGLYBT_USER}/.biglybt
VOLUME /in
VOLUME /outdiff --git a/app/biglybtcheck.sh b/app/biglybtcheck.sh
index 7b62b7c..034486d 100755
--- a/app/biglybtcheck.sh
+++ b/app/biglybtcheck.sh
@@ -6,14 +6,14 @@ mkdir -p /out/torrents
mkdir -p /out/complete
mkdir -p /out/processing
-mkdir -p /root/.biglybt
+mkdir -p /home/${BIGLYBT_USER}/.biglybt
# if we have a new BiglyBT config file (/config/biglybt.config) use it
if [ -r /config/biglybt.config ]; then
- cp /config/biglybt.config /root/.biglybt/
+ cp /config/biglybt.config /home/${BIGLYBT_USER}/.biglybt/
fi
# if we have no config, use the default
-if [ ! -r /root/.biglybt/biglybt.config ]; then
- cp /usr/share/biglybt/biglybt.config.default /root/.biglybt/biglybt.config
+if [ ! -r /home/${BIGLYBT_USER}/.biglybt/biglybt.config ]; then
+ cp /usr/share/biglybt/biglybt.config.default /home/${BIGLYBT_USER}/.biglybt/biglybt.config
fi
\ No newline at end of filediff --git a/app/tiger.sh b/app/tiger.sh
index 5316c16..3e1daef 100755
--- a/app/tiger.sh
+++ b/app/tiger.sh
@@ -27,7 +27,7 @@ fi
/etc/init.d/x11-common start
/etc/init.d/dbus start
-/app/biglybtcheck.sh
+su biglybt -c "/app/biglybtcheck.sh"
/app/openvpn.sh || bail "openvpn startup failed!"
exec tigervncserver -fg -localhost no ${VNCAUTH} \Open issues:
/in and /out/app/*scripts might be able to stay root:rootFullaxx
commented
5 years ago Thanks for this! I incorporated some into the base image and some into this image. Let me know if you seen any issues.
The files created inside the volumes are owned by root.
It would be better if you could define the User/UID.
I don't know wich method is the best:
I am not sure I can change this myself, because I think it will be complicated to change the image to run BiglyBT as
non-root. But I will try.@Fullaxx Is this something you could and would do? :)
Anyway. Thanks for the work.