How to use sudo inside a docker container?

前端未结

关注

 11  713

Normally, docker containers are run using the user root. I\'d like to use a different user, which is no problem using docker\'s USER directive. But this use

相关标签:

11条回答

甜味超标

2020-11-30 16:36
Just got it. As regan pointed out, I had to add the user to the sudoers group. But the main reason was I'd forgotten to update the repositories cache, so apt-get couldn't find the sudo package. It's working now. Here's the completed code:
```
FROM ubuntu:12.04

RUN apt-get update && \
      apt-get -y install sudo

RUN useradd -m docker && echo "docker:docker" | chpasswd && adduser docker sudo

USER docker
CMD /bin/bash
```
0 讨论(0)
发布评论:

提交评论
- 加载中...
北荒

2020-11-30 16:40
if you want to connect to container and install something
using apt-get
first as above answer from our brother "Tomáš Záluský"
```
docker exec -u root -t -i container_id /bin/bash
```
then try to

RUN apt-get update or apt-get 'anything you want'

it worked with me hope it's useful for all
0 讨论(0)
发布评论:

提交评论
- 加载中...
盖世英雄少女心

2020-11-30 16:41
When neither sudo nor apt-get is available in container, you can also jump into running container as root user using command
```
docker exec -u root -t -i container_id /bin/bash
```
0 讨论(0)
发布评论:

提交评论
- 加载中...
时光取名叫无心

2020-11-30 16:41
This may not work for all images, but some images contain a root user already, such as in the jupyterhub/singleuser image. With that image it's simply:
```
USER root
RUN sudo apt-get update
```
0 讨论(0)
发布评论:

提交评论
- 加载中...
孤城傲影

2020-11-30 16:46
Unlike accepted answer, I use usermod instead.

Assume already logged-in as root in docker, and "fruit" is the new non-root username I want to add, simply run this commands:
```
apt update && apt install sudo
adduser fruit
usermod -aG sudo fruit
```
Remember to save image after update. Use docker ps to get current running docker's <CONTAINER ID> and <IMAGE>, then run docker commit -m "added sudo user" <CONTAINER ID> <IMAGE> to save docker image.

Then test with:
```
su fruit
sudo whoami
```
Or test by direct login(ensure save image first) as that non-root user when launch docker:
```
docker run -it --user fruit <IMAGE>
sudo whoami
```
You can use sudo -k to reset password prompt timestamp:
```
sudo whoami # No password prompt
sudo -k # Invalidates the user's cached credentials
sudo whoami # This will prompt for password
```
0 讨论(0)
发布评论:

提交评论
- 加载中...
慢半拍i

2020-11-30 16:48
The other answers didn't work for me. I kept searching and found a blog post that covered how a team was running non-root inside of a docker container.

Here's the TL;DR version:
```
RUN apt-get update \
 && apt-get install -y sudo

RUN adduser --disabled-password --gecos '' docker
RUN adduser docker sudo
RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers

USER docker

# this is where I was running into problems with the other approaches
RUN sudo apt-get update 
```
I was using FROM node:9.3 for this, but I suspect that other similar container bases would work as well.
0 讨论(0)
发布评论:

提交评论
- 加载中...

1 2 下一页