search

mingchen / docker-android-build-box

An optimized docker image includes Android, Kotlin, Flutter sdk.
https://hub.docker.com/r/mingc/android-build-box/
MIT License
556 stars 233 forks source link

Use non-root uid/gid in container #166

Closed hellodword closed 9 months ago

hellodword commented 11 months ago 
docker run -it --rm \
    -v /path/to/project:/project  -w /project \
    --user $(id -u):$(id -g) \
    mingc/android-build-box bash

Will get error:

> java.io.IOException: Unable to create debug keystore in /opt/android-sdk/.android because it is not writable.
master-bob commented 11 months ago

Okay. What is it that you are trying to do? Why do you need a non-root user within the container?

e: Oh and the working directory by default is /project, just FYI.

hellodword commented 11 months ago

Why do you need a non-root user within the container?

I develop projects on host with normal user, with default root user in the container, the generated files will not be r/w for host normal user.

And it seems that using non-root user in containers is good for docker security.

master-bob commented 11 months ago

Excellent. Seems like you have a solid understanding of the problem. Please make a pull request with the necessary changes! Thanks!

e: And happy holidays!

github-actions[bot] commented 9 months ago

This issue is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 7 days.