Create jovyan in Dockerfile, reset UID at startup

* Create user jovyan with UID=1000 in the default users group in the Dockerfile * Set group ownership of user home and conda to root to avoid 'users' group from host access when mounted * Set stick bit on both paths so root owns subdirs too * Change jovyan UID if NB_UID is specified and is not the default 1000 Contribution (c) Copyright IBM Corp. 2015
2025-10-11 12:02:56 +00:00 · 2015-09-10 22:01:14 -04:00
parent 7c9edef43d
commit dba9977525
2 changed files with 22 additions and 27 deletions
--- a/minimal-notebook/start-notebook.sh
+++ b/minimal-notebook/start-notebook.sh
@@ -1,29 +1,9 @@
 #!/bin/bash

-# Constants
-NB_USER=jovyan
-NB_HOME=/home/$NB_USER
-NB_WORK=$NB_HOME/work
-
-# Create non-root NB_USER if one doesn't exist
-id -u $NB_USER && user_exists=true
-if [ -z "$user_exists" ] ; then
-    useradd -m -s /bin/bash -u ${NB_UID:-1000} $NB_USER
-
-    # Setup a work directory rooted in the NB_USER home
-    mkdir -p $NB_WORK
-    chown -R $NB_USER.$NB_USER $NB_HOME
-
-    # Allow NB_USER group to update conda root env
-    chown -R root.$NB_USER $CONDA_DIR
-    chmod g+w $CONDA_DIR
-fi
-
-# Copy skeleton files if useradd didn't do it (e.g., volume mounted dir
-# residing in NB_HOME prevented it)
-if [ ! -d $NB_HOME/.jupyter ]; then
-    cp -r /etc/skel/. $NB_HOME
-    chown -R $NB_USER.$NB_USER $NB_HOME
+# Change UID of jovyan to NB_UID if it does not match
+if [ "$NB_UID" != $(id -u jovyan) ] ; then
+    usermod -u $NB_UID $NB_USER
+    chown -R $NB_UID:$NB_UID $CONDA_DIR
 fi

 # Enable sudo if requested