search

LLNL / radiuss-docker

Automated builds of Docker container bases for RADIUSS projects
MIT License
2 stars 0 forks source link

Consistent USER in container #1

Open vsoch opened 2 years ago

vsoch commented 2 years ago

Typically it's easiest to just ignore the user and be careful to not install anything in root's home, which means it will be root for the base when run with Docker, but more likely just the user on the cluster in the case of Singularity. So I'm wondering if this is needed:

useradd -ms /bin/bash axom
printf "axom:axom" | chpasswd
adduser axom sudo
printf "axom ALL= NOPASSWD: ALL\\n" >> /etc/sudoers

And if so, if there should be a standard RADIUSS user like radius? Under what scenario do we need a user named axom that has sudo? ping @davidbeckingsale

davidbeckingsale commented 2 years ago

I don't think it's necessary, probably just set it up that way because one of us thought it was the right thing to do when we made these initially.

Looks like the axom tpl images but should be easy to change.

It's better to use whatever the best practice is.

vsoch commented 2 years ago

My instinct is that the base containers should be agnostic to users, e.g., if a special user or permission is needed, said user can be added on the level of the project repo (and probably not the base). But wanted to just open an issue to discuss in case there was a reason for a global one!