Adding users in Docker container running RStudio that can use RStudio Addins

[MarkEdmondson1234]

Everything works as you have documented for a inital user who has ROOT access.

But when I add another user I don't know how to get the same user access - I'd like the option that they too can be ROOT, so they can install packages as well.

I'm a linux newbie so this is probably easy enough to do.

At the moment I'm adding users via:

docker exec myrstudio adduser newuser --gecos 'First Last,RoomNumber,WorkPhone,HomePhone' --disabled-password

docker exec myrstudio sh -c 'echo newuser:password | sudo chpasswd'

I'm also running into a problem I think related: when a non-root RStudio user tries to run an RStudio Addin - it does not have permission access to the package files to run correctly. Perhaps the rstudiouser needs access to the package files?

[cboettig]

A user should not need root access to install R packages, only to install system libraries via apt-get. Can you give an example of what you are trying to install?

As for adding users, what you are doing is fine. To give users root access, add them to sudoers, as you would on any linux system (Google is pretty good on instructions here, remembering that these images are Debian-based). e.g. you can see what we do in the userconf.sh file:

adduser $USER sudo && echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers

(note this also allows sudo commands to run without first entering the user's password; which can be convenient for some applications (e.g. non-interactive scripts needing root privileges) but may not be what you want.

Lastly, depending on what you are trying to install, you might want to see if it is already available in a downstream image, like rocker/verse

[MarkEdmondson1234]

Ok thanks, I see now the new user can install packages. I guess then its just this issue with the RStudio addin.

I'm using cronR that makes a useful interface for cron jobs. Works fine with first root user, but the second user gets this error:

Listening on http://127.0.0.1:6839
Warning in gzfile(file, mode) :
  cannot open compressed file '/usr/local/lib/R/site-library/cronR/extdata/RscriptRepository.rds', probable reason 'Permission denied'
Warning: Error in gzfile: cannot open the connection
Stack trace (innermost first):
    69: gzfile
    68: saveRDS
    67: observeEventHandler
     3: shiny::runApp
     2: shiny::runGadget
     1: cronR:::cron_rstudioaddin

Would this user need root to use addins? Or does the rstudio user need permissions perhaps?

[cboettig]

@MarkEdmondson1234 Addins are distributed & installed as normal R packages, so a user should be able to install them just fine.

Based on your error message, your problem might be a Docker networking thing instead of anything to do with ports. I see your error mentions Listening on http://127.0.0.1:6839

Now 127.0.0.1 is not exposed outside the container; you have to use 0.0.0.0 as the host to be accessible (just as in any standard linux server config; think of the docker container as a remote machine). Likewise, you have to make sure to expose that port when running the container, e.g. include -p 6839:6839 or the port won't be available.

If you give me a fully reproducible set of steps starting with the docker command you ran and then the commands in RStudio, I might be able to troubleshoot better

[MarkEdmondson1234]

Thanks @cboettig - ok perhaps it is the ports but wouldn't that also affect the original root user?

Fortunately with this application its easy to give you an example as I can just spin up a test VM for you to log in with :) I see now that even the second user can't install packages.

Test VM up here for a week:

http://104.155.65.64/

First user was made using ROOT=TRUE

user: test pw: test123

docker run -p 80:8787 \
             -e "ROOT=TRUE" \
            -e "R_LIBS_USER=/library/" \
           -e USER=test -e PASSWORD=test123 \
            -v /home/gcer/library/:/library/ \
           --name=rstudio

Second user added via my first comment in this thread:

user: test2 pw: test123

docker exec myrstudio adduser test2 --gecos 'First Last,RoomNumber,WorkPhone,HomePhone' --disabled-password

docker exec myrstudio sh -c 'echo test2:test123 | sudo chpasswd'

problem

The first root test user can install R packages, the second can not.

Full build script

The above are the SSH commands being passed in, but they themselves are called by the functions below from https://github.com/cloudyr/googleComputeEngineR

library(googleComputeEngineR)
vm <- gce_vm(template = "rstudio-hadleyverse", 
                          name = "debug1", 
                          username = "test", password = "test123")
gce_check_container(vm, "rstudio")
## wait for installation
# ...
# ...
gce_rstudio_adduser(vm, username = "test2", password = "test123")

##
Adding user `test2' ...
Adding new group `test2' (1001) ...
Adding new user `test2' (1001) with group `test2' ...
Creating home directory `/home/test2' ...
Copying files from `/etc/skel' ...
rstudio
test
test2
==Google Compute Engine Instance==

Name:                debug1
Created:             2016-11-28 11:49:02
Machine Type:        f1-micro
Status:              RUNNING
Zone:                europe-west1-b
External IP:         104.155.65.64
Disks: 
        deviceName       type       mode boot autoDelete
1 debug1-boot-disk PERSISTENT READ_WRITE TRUE       TRUE

[cboettig]

Good point; add any new user to the group "staff" like we do in userconf.sh to give them write access to the R site library

[eddelbuettel]

Or (worse) make the directory 777.

[MarkEdmondson1234]

Adding the user to staff did it, thanks!

sudo adduser username staff