cqfd helps running commands inside the Docker container configured for your project, keeping the user and working directory the same inside the container
GNU General Public License v3.0
64
stars
31
forks
source link
Files ownership issue when host user has no user group #123
Context: Using cqfd from a host user (jenkins) who has no user group. For example, on our server, jenkins belongs to the docker group only (which is its primary group).
Expected: commands run by cqfd inherits the credentials/ownership of the host user. Especially files generated by cqfd encapsulated commands have the same user and group than the files generated without cqfd. In our case, generated files should be owned by jenkins:docker (user jenkings group docker).
Observed: files generated within cqfd are owned by jenkins:jenkins instead of jenkins:docker
Correction proposal (TBC): In make_launch() bash function, useradd should be called with the --no-user-group option to make the docker user consistent with the host user (that is with the same primary group).
Context: Using cqfd from a host user (jenkins) who has no user group. For example, on our server, jenkins belongs to the docker group only (which is its primary group).
Expected: commands run by cqfd inherits the credentials/ownership of the host user. Especially files generated by cqfd encapsulated commands have the same user and group than the files generated without cqfd. In our case, generated files should be owned by jenkins:docker (user jenkings group docker).
Observed: files generated within cqfd are owned by jenkins:jenkins instead of jenkins:docker
Correction proposal (TBC): In make_launch() bash function, useradd should be called with the --no-user-group option to make the docker user consistent with the host user (that is with the same primary group).