ghost
commented
1 year ago 👇 Click on the image for a new way to code review
- Make big changes easier — review code in small groups of related files - Know where to start — see the whole change at a glance - Take a code tour — explore the change with an interactive tour - Make comments and review — all fully sync’ed with github [Try it now!](https://app.codesee.io/r/reviews?pr=426&src=https%3A%2F%2Fgithub.com%2Fdocker-slim%2Fdocker-slim)
Legend
Sensor typically needs to run as root while the target app may need to use a less privileged user. By default, conainer runtimes (like Docker) set the HOME env var upon container startup based on the container's user and the corresponding record in the /etc/passwd file in the image (if any, "/" otherwser). However, instrumented container's user is often different from the target app's user. Thus, sensor needs extra logic to restore the right HOME var doing similar computations.
NB: Having HOME env var set is mandatory in accordance with POSIX.