Skip to content

Commit 8f8c0bb

Browse files
hkjnhkjn
committed
Explicitly set uid/gid for postgres/postgres
The values 999:999 are identical to the current user/group id assigned in the containers (tested in postgres:9.4, but should be identical for all versions), but this guarantees that those values will remain the same even if the groupadd/useradd commands were moved elsewhere in the Dockerfile, or a new debian:jessie image was pushed. Tested: core@test-1 ~ $ docker run -v $(pwd):/origin --rm -it debian:jessie bash -c 'groupadd -r postgres --gid=999 && useradd -r -g postgres --uid=999 postgres && mkdir /origin/pg && chown -R postgres:postgres /origin/pg' core@test-1 ~ $ ls -hsal pg/ total 8.0K 4.0K drwxr-xr-x 2 999 999 4.0K Sep 22 12:57 . 4.0K drwxr-xr-x 5 core core 4.0K Sep 22 12:59 .. core@test-1 ~ $ rm -rf pg/ core@test-1 ~ $ docker run -v $(pwd):/origin --rm -it --user=root postgres:9.4 bash -c 'mkdir /origin/pg && chown -R postgres:postgres /origin/pg' core@test-1 ~ $ ls -hsal pg/ total 8.0K 4.0K drwxr-xr-x 2 999 999 4.0K Sep 22 12:59 . 4.0K drwxr-xr-x 5 core core 4.0K Sep 22 12:59 ..
1 parent 87b8be7 commit 8f8c0bb

File tree

6 files changed

+12
-12
lines changed

6 files changed

+12
-12
lines changed

9.0/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
# vim:set ft=dockerfile:
22
FROM debian:jessie
33

4-
# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
5-
RUN groupadd -r postgres && useradd -r -g postgres postgres
4+
# explicitly set user/group IDs
5+
RUN groupadd -r postgres --gid=999 && useradd -r -g postgres --uid=999 postgres
66

77
# grab gosu for easy step-down from root
88
RUN gpg --keyserver pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4

9.1/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
# vim:set ft=dockerfile:
22
FROM debian:jessie
33

4-
# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
5-
RUN groupadd -r postgres && useradd -r -g postgres postgres
4+
# explicitly set user/group IDs
5+
RUN groupadd -r postgres --gid=999 && useradd -r -g postgres --uid=999 postgres
66

77
# grab gosu for easy step-down from root
88
RUN gpg --keyserver pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4

9.2/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
# vim:set ft=dockerfile:
22
FROM debian:jessie
33

4-
# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
5-
RUN groupadd -r postgres && useradd -r -g postgres postgres
4+
# explicitly set user/group IDs
5+
RUN groupadd -r postgres --gid=999 && useradd -r -g postgres --uid=999 postgres
66

77
# grab gosu for easy step-down from root
88
RUN gpg --keyserver pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4

9.3/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
# vim:set ft=dockerfile:
22
FROM debian:jessie
33

4-
# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
5-
RUN groupadd -r postgres && useradd -r -g postgres postgres
4+
# explicitly set user/group IDs
5+
RUN groupadd -r postgres --gid=999 && useradd -r -g postgres --uid=999 postgres
66

77
# grab gosu for easy step-down from root
88
RUN gpg --keyserver pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4

9.4/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
# vim:set ft=dockerfile:
22
FROM debian:jessie
33

4-
# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
5-
RUN groupadd -r postgres && useradd -r -g postgres postgres
4+
# explicitly set user/group IDs
5+
RUN groupadd -r postgres --gid=999 && useradd -r -g postgres --uid=999 postgres
66

77
# grab gosu for easy step-down from root
88
RUN gpg --keyserver pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4

9.5/Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
# vim:set ft=dockerfile:
22
FROM debian:jessie
33

4-
# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
5-
RUN groupadd -r postgres && useradd -r -g postgres postgres
4+
# explicitly set user/group IDs
5+
RUN groupadd -r postgres --gid=999 && useradd -r -g postgres --uid=999 postgres
66

77
# grab gosu for easy step-down from root
88
RUN gpg --keyserver pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4

0 commit comments

Comments
 (0)