deconz-community / deconz-docker

MIT License

gosu (start.sh) not working in non root container #256

Closed acht closed 1 week ago

acht commented 2 weeks ago

I run and start the container as a non-root user. As a result, /start.sh (the container entry point) fails on the line

exec gosu deconz /usr/bin/deCONZ $DECONZ_OPTS

The container just stops.

It is not possible to change the user. To change the user is not really needed in my opinion. It is a container that has no special privileges.

So my request would be to test if a "gosu" is possible. If not the command should be executed directly. I changed /start.sh and changed the line to

exec /usr/bin/deCONZ $DECONZ_OPTS

Now my container starts and is working.

In addition the "chown" commands report errors based on the same missing privileges.

Adding a command-line switch to the container to avoid the gosu and chown operations would be another solution.

To reproduce the problem just switch to an ordinary user and run the docker commands as ordinary user. I am running the stable container from yesterday.

phdelodder commented 2 weeks ago

Good proposal!

Can you do a pull request?

acht commented 2 weeks ago

No, I modified my container (not the image).

An easy solution should be:

exec gosu deconz /usr/bin/deCONZ $DECONZ_OPTS || exec /usr/bin/deCONZ $DECONZ_OPTS

The second part is only executed if the first part is not successful. But I have not tested whether it causes a problem when stopping the container. (If deconz stops with an error it will be started again.)

Probably better is:

exec gosu deconz : && exec gosu deconz /usr/bin/deCONZ $DECONZ_OPTS || exec /usr/bin/deCONZ $DECONZ_OPTS

Sorry, the code is untested. I have no experience with gosu and not much with docker.

phdelodder commented 2 weeks ago

I can try to make a test/dev build, most likely during the weekend

On Wed 10 Jul 2024 21:43, acht @.***> wrote:

No, I modified my container (not the image).

An easy solution should be:

exec gosu deconz /usr/bin/deCONZ $DECONZ_OPTS || exec /usr/bin/deCONZ $DECONZ_OPTS

The second part is only executed if the first part is not successful. But I have not tested whether it causes a problem when stopping the container. (If deconz stops with an error it will be started again.)

Probably better is:

exec gosu deconz : && exec gosu deconz /usr/bin/deCONZ $DECONZ_OPTS || exec /usr/bin/deCONZ $DECONZ_OPTS

  • it tests gosu (execute a no-op as deconz user)
  • if the test was successful it uses gosu
  • else it executes directly.

Sorry, the code is untested. I have no experience with gosu and not much with docker.


phdelodder commented 2 weeks ago

@acht can you test with https://github.com/deconz-community/deconz-docker/pkgs/container/deconz-docker/242293811?tag=dev ? Don't know if the approach is going to work.

acht commented 2 weeks ago

I added -e NON_ROOT=1 to docker run.

changes in start.sh: Line 29: GOSU="gosu deconz"

Line 183: exec $GOSU /usr/bin/deCONZ $DECONZ_OPTS

(otherwise you execute deconz (username) not the command)

After the changes it is working! I like the idea.
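
Added example, not the project's start.sh and not code from either commenter: a POSIX sh entrypoint fragment for the behaviour requested in this thread. It uses gosu and chown only when the entrypoint really runs as uid 0 and runs the command directly otherwise, so a root-started container still drops privileges without needing a switch. The function names, `SERVICE_USER` and `$DATA_DIR` are hypothetical.

```shell
#!/bin/sh
# Added example; names below are assumptions, not taken from start.sh.
SERVICE_USER=deconz

# drop_prefix UID
# Prints the privilege-drop prefix. gosu must be root to switch users,
# so it is only emitted for uid 0; any other uid gets an empty prefix.
drop_prefix() {
    if [ "$1" -eq 0 ]; then
        printf 'gosu %s' "$SERVICE_USER"
    fi
}

# fix_ownership UID PATH
# chown -R only works with root privileges. As a non-root user, skip it
# and instead verify that the path is already writable, failing clearly
# if it is not.
fix_ownership() {
    if [ "$1" -eq 0 ]; then
        chown -R "$SERVICE_USER" "$2"
    elif [ ! -w "$2" ]; then
        echo "warning: $2 is not writable by uid $1" >&2
        return 1
    fi
}

# launch UID CMD [ARGS...]
# The decision is made before exec: exec replaces the shell process, so
# a fallback written after it ("exec a || exec b") is never reached once
# the first program has started.
launch() {
    uid=$1
    shift
    # Word splitting of the prefix is intentional ("gosu deconz" -> 2 words).
    exec $(drop_prefix "$uid") "$@"
}

# Typical use at the end of an entrypoint ($DATA_DIR is a placeholder):
#   fix_ownership "$(id -u)" "$DATA_DIR"
#   launch "$(id -u)" /usr/bin/deCONZ $DECONZ_OPTS
```
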

phdelodder commented 2 weeks ago

Thanks for the feedback, made the needed changes. Could you please retest?

acht commented 2 weeks ago

@phdelodder : do you have a new link? Or should I use the image from the link above?

phdelodder commented 2 weeks ago

@acht https://github.com/deconz-community/deconz-docker/pkgs/container/deconz-docker/242890055?tag=dev

acht commented 1 week ago

Thanks! The container starts without problems.

phdelodder commented 1 week ago

I'll merge it