Using the useradd command with the -u option causes Docker to hang.

3
I have the following Dockerfile.
FROM ubuntu:18.04

ARG user_id
ARG user_gid

# Essential packages for building on a Ubuntu host
# https://docs.yoctoproject.org/ref-manual/system-requirements.html#ubuntu-and-debian
# Note, we set DEBIAN_FRONTEND=noninteractive prior to the call to apt-get
# install because otherwise we'll get prompted to select a timezone when the
# tzdata package gets included as a dependency.
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y    \
    gawk wget git-core diffstat unzip texinfo gcc-multilib build-essential \
    chrpath socat cpio python3 python3-pip python3-pexpect xz-utils        \
    debianutils iputils-ping python3-git python3-jinja2 libegl1-mesa       \
    libsdl1.2-dev pylint3 xterm python3-subunit mesa-common-dev sudo

# Add a user and set them up for passwordless sudo. We're using the same user
# ID and group numbers as the host system. This allows us to give the yocto
# user ownership of files and directories in the poky volume we're going to add
# without needing to change ownership which would also affect the host system.
RUN groupadd -g $user_gid yoctouser
RUN useradd -m yoctouser -u $user_id -g $user_gid
    #echo "yoctouser ALL=(ALL:ALL) NOPASSWD:ALL" | tee -a /etc/sudoers

USER yoctouser
WORKDIR /home/yoctouser

ENV LANG=en_US.UTF-8

CMD /bin/bash

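The useradd command hangs, and the problem is specifically with the -u option. If I remove -u $user_id, everything works fine. In addition, Docker is filling up my disk. Before adding the -u option, /var/lib/docker/overlay2/ was 852MB, but within a few seconds it grows to several GB. If I don't kill it, it will fill my disk completely, and I end up having to stop the Docker daemon and manually delete the folders in the overlay2 directory.
Why would specifying this user ID cause a problem?
Here is the relevant part of the Python script I wrote; you can see how I obtain the user ID and pass it to docker build: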
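import os
import subprocess
import sys

# DOCKER_IMAGE_NAME and DOCKERFILE_NAME are defined elsewhere in the script.
def build_docker_image():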
    print("Building a docker image named:", DOCKER_IMAGE_NAME)
    USERID_ARG  = "user_id=" + str(os.getuid())
    USERGID_ARG = "user_gid=" + str(os.getgid())
    print(USERID_ARG)
    print(USERGID_ARG)
    try:
        subprocess.check_call(['docker', 'build',
                               '--build-arg', USERID_ARG,
                               '--build-arg', USERGID_ARG,
                               '-t', DOCKER_IMAGE_NAME, '.',
                               '-f', DOCKERFILE_NAME])
    except (subprocess.CalledProcessError, OSError):
        print("Failed to create the docker image")
        sys.exit(1)

FWIW, on my system:

user_id=1666422094
user_gid=1666400513

I'm running Docker version 20.10.5, build 55c4c88, on an Ubuntu 18.04 host.


This article mentions that, because of a Docker bug, I need to use the -l flag when the UID is long. I'll try it shortly. - Nick
1 Answer

4

I needed to use the -l / --no-log-init option when calling useradd to work around a Docker bug related to how large UIDs are handled.

My final Dockerfile looks like this:

FROM ubuntu:18.04

ARG user_id
ARG user_gid

# Essential packages for building on a Ubuntu host
# https://docs.yoctoproject.org/ref-manual/system-requirements.html#ubuntu-and-debian
# Note, we set DEBIAN_FRONTEND=noninteractive prior to the call to apt-get
# install because otherwise we'll get prompted to select a timezone when the
# tzdata package gets included as a dependency.
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y    \
    gawk wget git-core diffstat unzip texinfo gcc-multilib build-essential \
    chrpath socat cpio python3 python3-pip python3-pexpect xz-utils        \
    debianutils iputils-ping python3-git python3-jinja2 libegl1-mesa       \
    libsdl1.2-dev pylint3 xterm python3-subunit mesa-common-dev

# Set up locales
RUN apt-get install -y locales
RUN dpkg-reconfigure locales && \
    locale-gen en_US.UTF-8 &&   \
    update-locale LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8
ENV LC_ALL=en_US.UTF-8
ENV LANG=en_US.UTF-8
ENV LANGUAGE=en_US.UTF-8

# Add a user and set them up for passwordless sudo. We're using the same user
# ID and group numbers as the host system. This allows us to give the yocto
# user ownership of files and directories in the poky mount we're going to add
# without needing to change ownership which would also affect the host system.
# Note the use of the --no-log-init option for useradd. This is a workaround to
# [a bug](https://github.com/moby/moby/issues/5419) relating to how large UIDs
# are handled.
RUN apt-get install -y sudo &&                                           \
    groupadd --gid ${user_gid} yoctouser &&                              \
    useradd --create-home --no-log-init --uid ${user_id} --gid yoctouser \
        yoctouser &&                                                     \
    echo "yoctouser ALL=(ALL:ALL) NOPASSWD:ALL" | tee -a /etc/sudoers

USER yoctouser
WORKDIR /home/yoctouser

CMD ["/bin/bash"]
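
The check below is an added example, not part of the original question or answer: it scans a Dockerfile for useradd calls that set a UID without -l / --no-log-init, and estimates how large /var/log/lastlog would appear for a given UID. The 292-byte record size, the UID-indexed layout of lastlog, and all function names are assumptions of this example.

```python
import re
import shlex

# Assumption: one /var/log/lastlog record is 292 bytes (x86-64 glibc) and the
# file is indexed by UID, so a record for a large UID implies a huge sparse file.
LASTLOG_RECORD_BYTES = 292

def lastlog_apparent_size(uid):
    """Apparent size in bytes of lastlog once it holds a record for uid."""
    return (uid + 1) * LASTLOG_RECORD_BYTES

def run_commands(dockerfile_text):
    """Yield each shell command (token list) from RUN instructions, comments dropped."""
    lines = [l for l in dockerfile_text.splitlines() if not l.lstrip().startswith("#")]
    joined = re.sub(r"\\[ \t]*\n", " ", "\n".join(lines))  # join continuations
    for instr in joined.splitlines():
        keyword, _, rest = instr.strip().partition(" ")
        if keyword.upper() != "RUN":
            continue
        lex = shlex.shlex(rest, posix=True, punctuation_chars=True)
        lex.whitespace_split, lex.commenters = True, ""
        cmd = []
        for tok in lex:
            if tok and set(tok) <= set(";|&"):  # shell operator ends a command
                yield cmd
                cmd = []
            else:
                cmd.append(tok)
        yield cmd

def risky_useradd(dockerfile_text):
    """Return useradd commands that set a UID without -l / --no-log-init."""
    findings = []
    for cmd in run_commands(dockerfile_text):
        if not cmd or cmd[0].rsplit("/", 1)[-1] != "useradd":
            continue
        flags = [t for t in cmd[1:] if t.startswith("-")]
        # Heuristic: purely alphabetic single-dash tokens are short-flag clusters.
        shorts = "".join(t[1:] for t in flags if t[1:].isalpha())
        sets_uid = "u" in shorts or any(t.split("=")[0] == "--uid" for t in flags)
        if sets_uid and "l" not in shorts and "--no-log-init" not in flags:
            findings.append(" ".join(cmd))
    return findings

if __name__ == "__main__":
    # Constructed input modelled on the question's RUN line and UID.
    sample = "RUN useradd -m yoctouser -u $user_id -g $user_gid"
    print(risky_useradd(sample))
    print(lastlog_apparent_size(1666422094), "bytes (apparent)")
```

Running the check in the build script before docker build lets the build fail fast instead of filling /var/lib/docker/overlay2/.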
