Create jovyan in Dockerfile, reset UID at startup

* Create user jovyan with UID=1000 in the default users group in the Dockerfile
* Set group ownership of user home and conda to root to avoid 'users' group from host access when mounted
* Set the setgid bit on both paths so new subdirs inherit the root group too
* Change jovyan UID if NB_UID is specified and is not the default 1000

Contribution (c) Copyright IBM Corp. 2015
Peter Parente
2015-09-10 22:01:14 -04:00
parent 7c9edef43d
commit dba9977525
2 changed files with 22 additions and 27 deletions


@@ -29,11 +29,15 @@ RUN apt-get update && apt-get install -yq --no-install-recommends \
# Configure environment
ENV CONDA_DIR /opt/conda
ENV PATH $CONDA_DIR/bin:$PATH
ENV NB_USER jovyan
ENV NB_UID 1000
# Install conda
RUN echo export PATH=$CONDA_DIR/bin:'$PATH' > /etc/profile.d/conda.sh && \
RUN mkdir -p $CONDA_DIR && \
chmod g+s $CONDA_DIR && \
echo export PATH=$CONDA_DIR/bin:'$PATH' > /etc/profile.d/conda.sh && \
wget --quiet https://repo.continuum.io/miniconda/Miniconda3-3.9.1-Linux-x86_64.sh && \
/bin/bash /Miniconda3-3.9.1-Linux-x86_64.sh -b -p $CONDA_DIR && \
/bin/bash /Miniconda3-3.9.1-Linux-x86_64.sh -f -b -p $CONDA_DIR && \
rm Miniconda3-3.9.1-Linux-x86_64.sh && \
$CONDA_DIR/bin/conda install --yes conda==3.14.1
@@ -43,6 +47,16 @@ RUN conda install --yes \
terminado \
&& conda clean -yt
# Create jovyan user with UID=1000 and in the 'users' group
# Grant ownership over the conda dir and home dir, but stick the group as root.
RUN useradd -m -s /bin/bash -N -u $NB_UID $NB_USER && \
chmod g+s /home/$NB_USER && \
mkdir /home/$NB_USER/work && \
mkdir /home/$NB_USER/.jupyter && \
mkdir /home/$NB_USER/.local && \
chown -R $NB_USER:root $CONDA_DIR && \
chown -R $NB_USER:root /home/$NB_USER
# Configure container startup
EXPOSE 8888
CMD [ "start-notebook.sh" ]
@@ -50,4 +64,5 @@ CMD [ "start-notebook.sh" ]
# Add local files as late as possible to avoid cache busting
COPY start-notebook.sh /usr/local/bin/
COPY notebook.conf /etc/supervisor/conf.d/
COPY jupyter_notebook_config.py /etc/skel/.jupyter/
COPY jupyter_notebook_config.py /home/$NB_USER/.jupyter/
RUN chown -R $NB_USER:root /home/$NB_USER/.jupyter
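Review bot: The `chown -R $NB_USER:root $CONDA_DIR` in the user-creation hunk makes every file under the conda prefix writable by the notebook user, while `ENV PATH $CONDA_DIR/bin:$PATH` keeps that directory first on the search path for every process in the image. The commit title says the UID is reset at startup, which suggests `start-notebook.sh` begins as root (the script is not shown here); if so, any command that script or supervisor resolves through PATH before dropping privileges comes from a tree the unprivileged user can modify. Consider calling tools by absolute path, or resetting PATH to the system directories, in the root-run part of startup, so that only the process already running as `$NB_USER` picks up `$CONDA_DIR/bin`. There is also no `USER` instruction in the visible hunks, so a comment above the `RUN useradd` block such as `# Container starts as root so start-notebook.sh can remap NB_UID; the notebook itself runs as $NB_USER` would record that this is deliberate.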