docker: Allow to call with USER_ID=0

When we run as root on the host and want to allow the builder to do the same, e.g. to access root-owned volumes, accept USER_ID=0 to express this. This allows to tell the user to call "docker run -e USER_ID=$(id -u)", and it will always reflect the calling context's permissions into the container. Reported-by: Jan Christian Grünhage <jan.christian@gruenhage.xyz> Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
2017-07-20 18:13:14 +02:00 · 2017-07-20 18:13:14 +02:00 · 8d5ce95347
commit 8d5ce95347
parent bb853cec02
1 changed files with 18 additions and 7 deletions
--- a/25
+++ b/25
@ -13,13 +13,24 @@ fi

 USER_ID=${USER_ID:-30000}

-# Create a non-root user that will perform the actual build
-id builder 2>/dev/null || \
-    useradd --uid $USER_ID --create-home --home-dir /builder builder
+if [ $USER_ID == 0 ]; then
+	# We shall run everything as root
+	mkdir /builder

-cd /builder
-if [ -n "$1" ]; then
-	exec gosu builder "$@"
+	cd /builder
+	if [ -n "$1" ]; then
+		exec "$@"
+	else
+		exec bash
+	fi
 else
-	exec gosu builder bash
+	# Create a non-root user that will perform the actual build
+	useradd --uid $USER_ID --create-home --home-dir /builder builder
+
+	cd /builder
+	if [ -n "$1" ]; then
+		exec gosu builder "$@"
+	else
+		exec gosu builder bash
+	fi
 fi