Open jlsalmon opened 9 months ago
First, I think we should fix Homebrew so it doesn't insist on running as a non-root. It already has some container-specific logic: https://github.com/Homebrew/install/blob/master/install.sh#L327-L330 And actually I hoped that it would work inside macOS containers. Need to debug a bit why it cannot (we ARE inside containerd and inside docker after all!).
But you'll very soon hit the next problem: Homebrew tries to install Xcode Build Tools, they try to show GUI dialog, but fail because we have no GUI. And thaaaat is a very much less trivial problem. https://github.com/macOScontainers/rund/issues/16 is created to search for the solution.
WRT you direct question about additional container users - I honestly have no idea! I didn't dig in that direction yet.
Gotcha, thanks @slonopotamus, I will watch #16. I guess at this point I wouldn’t mind running everything as root inside the container.
For history, this is how sysadminctl
fails:
sysadminctl -addUser username -password password
2023-09-28 17:18:04.312 sysadminctl[10432:130389] ### Error:-14071 File:/AppleInternal/Library/BuildRoots/d9889869-120b-11ee-b796-7a03568b17ac/Library/Caches/com.apple.xbs/Sources/Admin/DSNode.m Line:612
2023-09-28 17:18:04.312 sysadminctl[10432:130389] ### Error:-14071 File:/AppleInternal/Library/BuildRoots/d9889869-120b-11ee-b796-7a03568b17ac/Library/Caches/com.apple.xbs/Sources/Admin/DSNode.m Line:565
2023-09-28 17:18:04.312 sysadminctl[10432:130389] ### Error:-14071 File:/AppleInternal/Library/BuildRoots/d9889869-120b-11ee-b796-7a03568b17ac/Library/Caches/com.apple.xbs/Sources/Admin/DSNode.m Line:612
2023-09-28 17:18:04.324 sysadminctl[10432:130389] Failed to authenticate with SystemAdministration framework.
Good day sir,
My goal is to create a base image with Homebrew installed, but Homebrew seems to refuse to run as root at all. So, I started trying to create a regular admin user from a shell.
All my attempts at using
sysadminctl
were unsuccessful, throwing errors that I don’t yet understand.Question: in general, is creating additional non-root users something that is eventually possible?
Note: I haven’t tried the
USER
dockerfile directive yet.