0

I have a Dockerfile that follows this pattern:

RUN echo "[DOCKER BUILD] Installing image dependencies..." && \
    apt-get update -y && \
    apt-get install -y sudo package_names ...

RUN useradd -ms /bin/bash builder
# tried this too, same error
# RUN useradd -m builder && echo "builder:builder" | chpasswd && adduser builder sudo
RUN mkdir -p /home/builder && chown -R builder:builder /home/builder
USER builder 

RUN sudo sed -i '/hosts:/c\hosts: files dns' /etc/nsswitch.conf

The part that doesn't work is editing /etc/nsswitch.conf ... Why can't I configure my image to edit this file?

I've tried tweaking the useradd several different ways but the current error is:

Step 8/10 : RUN sudo sed -i '/hosts:/c\hosts: files dns' /etc/nsswitch.conf ---> Running in 97cd39584950 sudo: no tty present and no askpass program specified The command '/bin/sh -c sudo sed -i '/hosts:/c\hosts: files dns' /etc/nsswitch.conf' returned a non-zero code: 1

How do I achieve editing this file inside the image?

A comment here suggests that all operations in dockerfile should be being run as root, which leads me to believe sudo is not needed. Why then do I see this?

RUN sed -i '/hosts:/c\hosts: files dns' /etc/nsswitch.conf

Step 8/10 : RUN sed -i '/hosts:/c\hosts: files dns' /etc/nsswitch.conf ---> Running in ad56ca17944c sed: couldn't open temporary file /etc/sed8KGQzP: Permission denied

adowdy
  • 329
  • 2
  • 16

2 Answers2

0

The problem is on the password for sudo, or a request for password. You need to pass ENV_VARIABLES to your container related with removing the sudo request for password, as follows:

<your-container-user> ALL = NOPASSWD: /sbin/poweroff, /sbin/start, /sbin/stop

You need to execute your sudo freely.

Related question:

How to fix 'sudo: no tty present and no askpass program specified' error?

Roberto Gonçalves
  • 3,186
  • 4
  • 13
  • 27
  • Can you demonstrate how inside a dockerfile I am editing with sudoers that doesn't already replicate the line I had commented out? – adowdy Aug 04 '17 at 21:19
0

I figured it out -- I can perform this task without sudo, but only if I do it before calling USER builder. It seems docker has the correct access it needs before I create any users.

adowdy
  • 329
  • 2
  • 16
  • Right, I just started using Docker this week so take it with a pinch of salt but my understanding is that the default user inside docker is "root" so until you specifically change the user to something else (e.g. with `USER builder`) you are root so just do your operations that require root privilege before you change user. – Ed Morton Aug 06 '17 at 14:10