uid mapping problem with ubuntu-24.04 base image

[MawKKe]

Problem

Using image ubuntu-24.04 (latest/dd2da503391d) as base for a devcontainer builds and launches normally, but the vscode user cannot create or modify files due to the fact that vscode uid is 1001 and the mounted workspace is owned by uid 1000.

(I am unsure how the ID mapping works between host and container; my host user also happens to have uid 1000, which might obfuscate the underlying issue. )

The problem seems to be caused by the image containing extra user named ubuntu that has been given the uid 1000 before user vscode has been created. I can create an modify files as that user via sudo su - ubuntu.

The problem does not appear with to ubuntu-22.04 or earlier, which do not have the extra ubuntu user:

$ docker run -it --rm mcr.microsoft.com/devcontainers/base:ubuntu-24.04 grep -E '(vscode|ubuntu)' /etc/passwd
ubuntu:x:1000:1000:Ubuntu:/home/ubuntu:/bin/bash
vscode:x:1001:1001::/home/vscode:/bin/bash

$ docker run -it --rm mcr.microsoft.com/devcontainers/base:ubuntu-22.04 grep -E '(vscode|ubuntu)' /etc/passwd
vscode:x:1000:1000::/home/vscode:/bin/bash

Workaround

I added this to my Dockerfile right after the FROM line:

RUN userdel -r ubuntu || true

Now rebuilding and launching the image works as expected.

[MawKKe]

It seems the devcontainer images are based on these https://hub.docker.com/_/buildpack-deps/ which themselves are based on the official ubuntu images https://hub.docker.com/_/ubuntu

Apparently the extra user originates from there:

$ docker run -it --rm ubuntu:22.04 grep 'ubuntu' /etc/passwd || echo nothing
nothing
$ docker run -it --rm ubuntu:24.04 grep 'ubuntu' /etc/passwd || echo nothing
ubuntu:x:1000:1000:Ubuntu:/home/ubuntu:/bin/bash

[samruddhikhandale]

Hi 👋

It seems the devcontainer images are based on these https://hub.docker.com/_/buildpack-deps/ which themselves are based on the official ubuntu images https://hub.docker.com/_/ubuntu

Yes, that's correct! With the newer release of noble, the official ubuntu image added a new ubuntu user with gid/uid:1000. This started conflicting with with vscode:1000.

Hence, we decided to let vscode's UID/GID update as we didn't want to update (rename/delete/update) the ubuntu user provided by the base image.

This is not the case with focal and jammy, hence the vscode:1000 is intact.

https://github.com/devcontainers/images/pull/1036 mentions the same thing in the description!

[MawKKe]

So is the image supposed to work with UID 1001 just as before? For now it is not, not at least for me.

(Of course it is possible that there is something unrelated going on with my setup)

[schlegel11]

I have the exact same problem :wink: I can see that merge #1036 fixes the overall image build issue but not the issue that a mapping to the host system is currently done with a wrong uid or at least wrong for the default user's uid for most of us.

[fnkr]

Adding this to my Dockerfile to fix it:

# Using mcr.microsoft.com/devcontainers/base:ubuntu-24.04 as base image
RUN userdel -r ubuntu; usermod -u 1000 vscode; groupmod -g 1000 vscode

[wjrogers]

If the user's local UID on the host system is 1000, the devcontainer cannot work correctly because the remote user's UID can't be re-mapped to 1000. (The ubuntu user is already using UID 1000.)

[samruddhikhandale]

Thanks, everyone, for your thoughts on this issue. We briefly revisited the discussion in this issue.

@gauravsaini04, can you prioritize working on this? For the noble distro, let's remove the ubuntu user and allow the vscode user to reclaim the UID and GID 1000. Additionally, let's add back the pinning in common-utils.

Please remember that we need to make changes for base-ubuntu and dotnet as well. Thanks!

[gauravsaini04]

Have raised pr #1170