Root user issues

[namnoit]

Hi guy,

I'm using an image based on x11docker/deepin to work with hadoop: x11docker --desktop --init=systemd --home --sudouser --hostnet --cap-default -- --cap-add=IPC_LOCK --security-opt seccomp=unconfined -- myimage

When I start hadoop, it require root@0.0.0.0's password. I don't know this password. If I follow this, it still require root's password. If I change root password using sudo passwd root, and type this password when required, I got

Permission denied, please try again.

When I start x11docker with --user=root, it works fine, but I was unable to start chrome or firefox with this error:

<warning> startmanager.go:552: [/bin/sh -c export GIO_LAUNCHED_DESKTOP_FILE_PID=$$;exec /usr/bin/cgexec -g memory,freezer,blkio:c1@dde/uiapps/5 /usr/bin/google-chrome-stable]: exit status 1
<info> checker.go:288: process memory: /usr/share/applications/google-chrome.desktop c1@dde/uiapps/5 0 open /sys/fs/cgroup/memory/c1@dde/uiapps/5/cgroup.procs: no such file or directory

Even if I can use chrome/firefox, I think it isn't a good idea when start docker as root.

Thank you.

[mviereck]

With option --sudouser x11docker prints a message including the password:

x11docker WARNING: Option --sudouser severly reduces container security.
  Container gains additional capabilities to allow sudo and su.
  If an application breaks out of container, it can harm your system
  in many ways without you noticing. Password: x11docker

x11docker --help also shows the password:

     --sudouser        Allow su and sudo for container user. Use with care,
                       severe reduction of default x11docker security!
                         Password:  x11docker

So the password is x11docker.

[namnoit]

It still Permission denied, but I found the solution that place Hadoop folder in ~/ folder instead of / folder. But I can't build it with Dockerfile

[mviereck]

Please open a new ticket for a new issue. Please describe there in detail what the problem is.