Skip to content
Merged
Show file tree
Hide file tree
Changes from 2 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .config/dictionary.txt
Original file line number Diff line number Diff line change
Expand Up @@ -39,4 +39,5 @@ skopeo
unmarshal
unmarshalling
urandom
userdel
userns
2 changes: 2 additions & 0 deletions devfile.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,8 @@ components:
env:
- name: "ANSIBLE_COLLECTIONS_PATH"
value: "~/.ansible/collections:/usr/share/ansible/collections:/projects/ansible-devspaces-demo/collections"
- name: "ADT_CONTAINER_ENGINE"
value: "podman"
commands:
- id: molecule-create
exec:
Expand Down
3 changes: 2 additions & 1 deletion devspaces/Containerfile
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,8 @@ RUN --mount=type=bind,target=. --mount=type=cache,dst=/var/cache/dnf --mount=typ

ENV BUILDAH_ISOLATION=chroot

USER 10001
# Reflect the UID that the SCC will force the workspace to run as.
USER 1000

ENTRYPOINT ["/entrypoint.sh"]
CMD ["tail", "-f", "/dev/null"]
10 changes: 10 additions & 0 deletions devspaces/context/setup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,16 @@ setcap cap_setuid+ep /usr/bin/newuidmap
setcap cap_setgid+ep /usr/bin/newgidmap
touch /etc/subgid /etc/subuid
chown 0:0 /etc/subgid /etc/subuid
# Remove the base image entries for user
if id user >/dev/null 2>&1
then
userdel user
# Add the user with the UID that the SCC will enforce
useradd -u 1000 -G wheel,root -d /home/user --shell /bin/bash -m user
usermod -L user
Comment thread
alisonlhart marked this conversation as resolved.
Outdated
chmod 400 /etc/shadow
chown -R user /home/user
fi

if [[ "${ENABLE_NOPASSWD_SUDO:-false}" == "true" ]]; then
echo "%wheel ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/wheel-nopasswd
Expand Down
Loading