Skip to content
This repository has been archived by the owner on Sep 7, 2018. It is now read-only.

Support env flags for setting PID / GID #75

Closed
dewey opened this issue Jan 28, 2017 · 3 comments
Closed

Support env flags for setting PID / GID #75

dewey opened this issue Jan 28, 2017 · 3 comments

Comments

@dewey
Copy link

dewey commented Jan 28, 2017
edited
Loading

On some systems (Synology) this image will run into permissions problems (if you don't 777 your docker volume directory) because the PID / GID is set wrong. It would be great if these two env variables would be supported. This would solve issues like that one without some hacky 777 workaround: #32

Example how other containers do it:

https://github.com/linuxserver/docker-rutorrent#user--group-identifiers

Sometimes when using data volumes (-v flags) permissions issues can arise between the host OS and the container. We avoid this issue by allowing you to specify the user PUID and group PGID. Ensure the data volume directory on the host is owned by the same user you specify and it will "just work" ™.

That's how other images implement it:

https://github.com/cpoppema/docker-flexget/blob/master/init/90_new_user.sh

Thanks
@thekad
Copy link

thekad commented Aug 22, 2017

Just to add a bit more of background: it is impossible to expect the "grafana" user's UID inside the container will match a given user outside of the container. Given that a lot of the use cases call for a volume to store persistent data across container restarts, there's a few failure scenarios:

  1. The host does not have a "grafana" user (and why should it have? the point of the container is to minimize changes to the host...)
  2. The host does have a "grafana" user, but the UIDs don't match, e.g. the grafana user was created as a "system" user
  3. You start your containers with e.g. --user=1050 which means the processes are not able to chmod/chown stuff in run.sh, and the shebang at the top causes it to exit right away

I see why you made it not run as root on #16 but I think a better solution would be to modify run.sh to:

  1. check the current UID
  2. if the UID is 0 you can either: keep the current behavior (default to running as "grafana") or error out with a helpful suggestion about running as a non-root user
  3. if the UID is != 0, run grafana as the given user

Thoughts?

@microbug
Copy link

microbug commented Nov 6, 2017

Just a note that this is something I'd like to see fixed as well. There is a way to do it with a custom Dockerfile (see grafana/grafana#6285) but many other docker images have this functionality built in (e.g., most LinuxServer.io packages).

@xlson
Copy link
Contributor

xlson commented Mar 29, 2018

We're shipping Grafana 5.1 with a new docker image that will allow docker run --user <your id> grafana/grarfana to be used when starting Grafana to work around uid/gid issues. It's not released yet but the image can be found here #146.

@xlson xlson closed this as completed Mar 29, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@thekad @xlson @dewey @microbug