### Dockerfile: Base setup with startup script Source: https://context7.com/boxboat/fixuid/llms.txt This Dockerfile sets up a base environment using a Node.js Alpine image. It creates a non-root user, downloads and installs fixuid, and configures a startup script. The USER directive switches to the non-root user before setting the WORKDIR and ENTRYPOINT. ```dockerfile FROM node:16-alpine RUN addgroup -g 1000 docker && \ adduser -u 1000 -G docker -h /home/docker -s /bin/sh -D docker RUN USER=docker && \ GROUP=docker && \ curl -SsL https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-amd64.tar.gz | tar -C /usr/local/bin -xzf - && \ chown root:root /usr/local/bin/fixuid && \ chmod 4755 /usr/local/bin/fixuid && \ mkdir -p /etc/fixuid && \ printf "user: $USER\ngroup: $GROUP\n" > /etc/fixuid/config.yml COPY startup.sh /usr/local/bin/startup.sh RUN chmod +x /usr/local/bin/startup.sh USER docker:docker WORKDIR /app ENTRYPOINT ["/usr/local/bin/startup.sh"] ``` -------------------------------- ### Dockerfile: Debian/Ubuntu fixuid setup Source: https://context7.com/boxboat/fixuid/llms.txt This Dockerfile is for Debian/Ubuntu based images and shows how to create a user and group using `addgroup` and `adduser`. It then installs curl and downloads/installs fixuid, configuring it for the created user. ```dockerfile # Debian/Ubuntu based image FROM ubuntu:22.04 RUN addgroup --gid 1000 docker && \ adduser --uid 1000 --ingroup docker --home /home/docker --shell /bin/sh --disabled-password --gecos "" docker RUN USER=docker && \ GROUP=docker && \ apt-get update && apt-get install -y curl && \ curl -SsL https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-amd64.tar.gz | tar -C /usr/local/bin -xzf - && \ chown root:root /usr/local/bin/fixuid && \ chmod 4755 /usr/local/bin/fixuid && \ mkdir -p /etc/fixuid && \ printf "user: $USER\ngroup: $GROUP\n" > /etc/fixuid/config.yml USER docker:docker ENTRYPOINT ["fixuid"] CMD ["/bin/bash"] ``` -------------------------------- ### Dockerfile: Node.js development container setup Source: https://context7.com/boxboat/fixuid/llms.txt This Dockerfile is a starting point for a Node.js development container using the official Node.js 18 Alpine image. It is intended to be further configured with fixuid installation and user setup, similar to the Python example. ```dockerfile FROM node:18-alpine ``` -------------------------------- ### Dockerfile: Fedora/RHEL fixuid setup Source: https://context7.com/boxboat/fixuid/llms.txt This Dockerfile is for Fedora/RHEL based images, using `groupadd` and `useradd` for user creation. It installs curl, downloads and installs fixuid, and configures it for the specified user and group. ```dockerfile # Fedora/RHEL based image FROM fedora:38 RUN groupadd -g 1000 docker && \ useradd -u 1000 -g docker -d /home/docker -s /bin/sh docker RUN USER=docker && \ GROUP=docker && \ dnf install -y curl && \ curl -SsL https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-amd64.tar.gz | tar -C /usr/local/bin -xzf - && \ chown root:root /usr/local/bin/fixuid && \ chmod 4755 /usr/local/bin/fixuid && \ mkdir -p /etc/fixuid && \ printf "user: $USER\ngroup: $GROUP\n" > /etc/fixuid/config.yml USER docker:docker ENTRYPOINT ["fixuid"] CMD ["/bin/sh"] ``` -------------------------------- ### Install fixuid in Dockerfile Source: https://context7.com/boxboat/fixuid/llms.txt This Dockerfile snippet demonstrates how to install fixuid in an Alpine Linux-based container. It creates a non-root user, downloads and sets up the fixuid binary with setuid permissions, configures it, and sets it as the container's entrypoint. ```dockerfile FROM alpine:latest # Create a non-root user and group with UID/GID 1000 RUN addgroup -g 1000 docker && \ adduser -u 1000 -G docker -h /home/docker -s /bin/sh -D docker # Download and install fixuid binary RUN USER=docker && \ GROUP=docker && \ curl -SsL https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-amd64.tar.gz | tar -C /usr/local/bin -xzf - && \ chown root:root /usr/local/bin/fixuid && \ chmod 4755 /usr/local/bin/fixuid && \ mkdir -p /etc/fixuid && \ printf "user: $USER\ngroup: $GROUP\n" > /etc/fixuid/config.yml # Set the container to run as the non-root user USER docker:docker # Configure fixuid as the entrypoint ENTRYPOINT ["fixuid"] # Default command can be overridden at runtime CMD ["/bin/sh"] ``` -------------------------------- ### Integrate fixuid into Container Startup Script Source: https://context7.com/boxboat/fixuid/llms.txt This bash script demonstrates integrating fixuid into a container's initialization process. Instead of using fixuid as the entrypoint, this approach allows for more complex setup sequences. The `eval $(fixuid)` command runs fixuid and sets environment variables like `HOME` based on its output, followed by application startup commands. ```bash #!/bin/sh # startup.sh - Container initialization script # Run fixuid and evaluate its output to set environment variables # When $HOME is "/", fixuid exports the correct HOME directory eval $(fixuid) # Verify the remapping occurred echo "Running as UID: $(id -u), GID: $(id -g)" echo "Home directory: $HOME" # Continue with application startup cd /app npm install npm start ``` -------------------------------- ### Install and Configure fixuid in Dockerfile Source: https://context7.com/boxboat/fixuid/llms.txt Installs the fixuid binary, sets proper file permissions, and generates a configuration file. It ensures the container can remap the specified user and group to the host's UID/GID for defined directories. ```Dockerfile RUN USER=node && \ GROUP=node && \ apk add --no-cache curl && \ curl -SsL https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-amd64.tar.gz | tar -C /usr/local/bin -xzf - && \ chown root:root /usr/local/bin/fixuid && \ chmod 4755 /usr/local/bin/fixuid && \ mkdir -p /etc/fixuid && \ printf "user: $USER\ngroup: $GROUP\npaths:\n - /home/node\n - /app\n" > /etc/fixuid/config.yml WORKDIR /app USER node:node ENTRYPOINT ["fixuid", "-q", "sh", "-c"] CMD ["npm install && npm start"] ``` -------------------------------- ### Bash: Run Python container with volume mount Source: https://context7.com/boxboat/fixuid/llms.txt This command runs a Docker container based on the `python-fixuid` image (presumably built from the previous Dockerfile). It mounts the current directory (`$(pwd)`) to `/app` inside the container. The container is run with the host's user and group ID (`-u $(id -u):$(id -g)`), and executes commands to install Python requirements and run `app.py`. ```bash # Run Python container with local source code mounted docker run --rm -it \ -u $(id -u):$(id -g) \ -v $(pwd):/app \ python-fixuid sh -c "pip install -r requirements.txt && python app.py" ``` -------------------------------- ### Install and Configure fixuid in Dockerfile Source: https://github.com/boxboat/fixuid/blob/master/README.md This Dockerfile snippet installs the fixuid binary, sets its ownership and permissions (including the setuid bit), and creates a configuration file specifying the target user and group. It assumes `curl` is available in the container. ```dockerfile RUN USER=docker && \ GROUP=docker && \ curl -SsL https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-amd64.tar.gz | tar -C /usr/local/bin -xzf - && \ chown root:root /usr/local/bin/fixuid && \ chmod 4755 /usr/local/bin/fixuid && \ mkdir -p /etc/fixuid && \ printf "user: $USER\ngroup: $GROUP\n" > /etc/fixuid/config.yml ``` -------------------------------- ### Dockerfile: Python development container with fixuid Source: https://context7.com/boxboat/fixuid/llms.txt This Dockerfile sets up a Python 3.11 environment. It creates a non-root user 'developer', installs fixuid, and configures it to manage ownership for `/home/developer` and `/app`. It sets the working directory and switches to the 'developer' user before defining the entrypoint and default command. ```dockerfile FROM python:3.11-slim # Create non-root user RUN groupadd -g 1000 developer && \ useradd -u 1000 -g developer -d /home/developer -s /bin/bash -m developer # Install fixuid RUN apt-get update && apt-get install -y curl && \ USER=developer && \ GROUP=developer && \ curl -SsL https://github.com/boxboat/fixuid/releases/download/v0.6.0/fixuid-0.6.0-linux-amd64.tar.gz | tar -C /usr/local/bin -xzf - && \ chown root:root /usr/local/bin/fixuid && \ chmod 4755 /usr/local/bin/fixuid && \ mkdir -p /etc/fixuid && \ printf "user: $USER\ngroup: $GROUP\npaths:\n - /home/developer\n - /app\n" > /etc/fixuid/config.yml && \ apt-get clean WORKDIR /app USER developer:developer ENTRYPOINT ["fixuid", "-q"] CMD ["/bin/bash"] ``` -------------------------------- ### Set fixuid as Entrypoint and Default User in Dockerfile Source: https://github.com/boxboat/fixuid/blob/master/README.md Configures the Docker container to run as the specified non-root user and sets `fixuid` as the entrypoint. This ensures `fixuid` runs automatically when the container starts. ```dockerfile USER docker:docker ENTRYPOINT ["fixuid"] ``` -------------------------------- ### Docker Compose Configuration with fixuid Source: https://github.com/boxboat/fixuid/blob/master/README.md This `docker-compose.yml` example sets default UID and GID values for a service using environment variables. Developers can override these defaults using environment variables or a `.env` file to match their host UID/GID. ```yaml nginx: image: my-nginx user: ${FIXUID:-1000}:${FIXGID:-1000} volumes: - ./nginx:/etc/nginx - ./www:/var/www ``` -------------------------------- ### Run Docker Containers with fixuid Remapping Source: https://context7.com/boxboat/fixuid/llms.txt This section provides bash commands for running Docker containers with UID/GID remapping using fixuid. It shows how to manually specify user/group IDs, dynamically pass the host's IDs using `$(id -u):$(id -g)`, and run containers with volume mounts to verify permission synchronization. ```bash # Run container with specific UID/GID docker run --rm -it -u 1001:1002 my-dev-image sh # Get current user's UID/GID and pass to container docker run --rm -it -u $(id -u):$(id -g) my-dev-image /bin/bash # Run with volume mount to demonstrate permission sync docker run --rm -it \ -u $(id -u):$(id -g) \ -v $(pwd):/workspace \ my-dev-image sh -c "cd /workspace && touch test-file && ls -la test-file" ``` -------------------------------- ### Run Container with Host UID/GID Source: https://github.com/boxboat/fixuid/blob/master/README.md This command demonstrates how to run a Docker container, overriding the default user/group with the host's UID/GID. Replace `1000:1000` with the actual UID/GID of the host system. ```bash docker run --rm -it -u 1000:1000 sh ``` -------------------------------- ### Dockerfile: Configure quiet mode in entrypoint Source: https://context7.com/boxboat/fixuid/llms.txt This Dockerfile snippet configures the entrypoint to run fixuid in quiet mode. It first sets the user and group, then specifies `fixuid -q` as the entrypoint and `/bin/bash` as the default command. ```dockerfile # Configure quiet mode in Dockerfile entrypoint USER docker:docker ENTRYPOINT ["fixuid", "-q"] CMD ["/bin/bash"] ``` -------------------------------- ### Execute Container with Host UID/GID Mapping Source: https://context7.com/boxboat/fixuid/llms.txt Demonstrates running a containerized application while mapping host user IDs to the container. This allows local development tools to access files created within the container without permission errors. ```bash docker run --rm -it \ -u $(id -u):$(id -g) \ -v $(pwd):/app \ -p 3000:3000 \ node-fixuid "npm run dev" ``` -------------------------------- ### Bash: Build and run test image for ownership verification Source: https://context7.com/boxboat/fixuid/llms.txt This sequence of bash commands first builds a Docker image named `fixuid-test` from the current Dockerfile. It then runs a container from this image, using specific user and group IDs (`-u 1001:1002`), and executes a shell script to demonstrate file ownership changes before and after fixuid runs. ```bash # Build test image docker build -t fixuid-test . # Run container and verify ownership docker run --rm -it -u 1001:1002 fixuid-test sh -c " echo 'Before fixuid:' && \ ls -la /home/docker && \ echo 'User info:' && \ id && \ echo 'Creating new file:' && \ touch /home/docker/new-file && \ ls -la /home/docker/new-file " ``` -------------------------------- ### Integrate fixuid into Startup Scripts (Shell) Source: https://github.com/boxboat/fixuid/blob/master/README.md Run fixuid as part of a container's startup script. This method requires evaluating the output of `fixuid` to set environment variables like HOME. Supplementary groups are not set when used this way. ```shell #!/bin/sh # UID/GID map to unknown user/group, $HOME=/ (the default when no home directory is defined) eval $( fixuid ) # UID/GID now match user/group, $HOME has been set to user's home directory ``` -------------------------------- ### Create User and Group in Dockerfile (Alpine, Debian/Ubuntu, Fedora) Source: https://github.com/boxboat/fixuid/blob/master/README.md These commands demonstrate how to create a non-root user and group within a Docker container using different base image package managers. They specify the user/group name, UID/GID, home directory, and shell. ```dockerfile # alpine RUN addgroup -g 1000 docker && \ adduser -u 1000 -G docker -h /home/docker -s /bin/sh -D docker # debian / ubuntu RUN addgroup --gid 1000 docker && \ adduser --uid 1000 --ingroup docker --home /home/docker --shell /bin/sh --disabled-password --gecos "" docker # fedora RUN groupadd -g 1000 docker && \ useradd -u 1000 -g docker -d /home/docker -s /bin/sh docker ``` -------------------------------- ### Bash: Run fixuid in quiet mode Source: https://context7.com/boxboat/fixuid/llms.txt This command demonstrates how to run a container using Docker and execute fixuid with the quiet flag (`-q`). This suppresses informational output, making logs cleaner. It also echoes a message after fixuid completes. ```bash # Run fixuid in quiet mode as entrypoint docker run --rm -it -u $(id -u):$(id -g) my-image sh -c "fixuid -q && echo 'Container ready'" ``` -------------------------------- ### fixuid Configuration File Source: https://context7.com/boxboat/fixuid/llms.txt These YAML snippets illustrate the structure of the fixuid configuration file (`/etc/fixuid/config.yml`). It specifies the user and group to remap to, and a list of filesystem paths to recursively scan for ownership changes, including Docker volume mounts. ```yaml # /etc/fixuid/config.yml user: docker group: docker paths: - /home/docker - /tmp ``` ```yaml # Configuration with multiple paths including Docker volumes user: developer group: developers paths: - / - /home/developer/.cache - /var/lib/app-data ``` -------------------------------- ### Configure fixuid with Docker Compose Source: https://context7.com/boxboat/fixuid/llms.txt This YAML snippet shows a Docker Compose configuration that uses fixuid. It allows overriding the default UID/GID using environment variables (FIXUID, FIXGID), accommodating different host user configurations within a team. It also demonstrates how to use a `.env` file for setting these variables. ```yaml version: '3.1' services: dev-container: build: . # Use environment variables with defaults for UID/GID user: ${FIXUID:-1000}:${FIXGID:-1000} volumes: - ./app:/app - ./config:/config environment: - HOME=/home/docker ``` ```bash # Developer with UID 1000 (default) docker-compose up # Developer with UID 1001 uses environment variables FIXUID=1001 FIXGID=1001 docker-compose up # Or create a .env file in the project root echo "FIXUID=1001" > .env echo "FIXGID=1001" >> .env docker-compose up ``` -------------------------------- ### fixuid Command-Line Flags Source: https://github.com/boxboat/fixuid/blob/master/README.md Information on the command-line flags available for the fixuid executable. Currently, only a quiet mode flag is supported. ```text Usage of ./fixuid: -q quiet mode ``` -------------------------------- ### Configure Scan Paths with YAML Source: https://github.com/boxboat/fixuid/blob/master/README.md Specify directories for fixuid to recursively scan in the `/etc/fixuid/config.yml` file. The tool only recurses into directories on the same device as the initial path, respecting device boundaries and excluding Docker volumes unless explicitly included. ```yaml user: docker group: docker paths: - /home/docker - /tmp ``` ```yaml user: docker group: docker paths: - / - /home/docker/.cache ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.