Skip to content

Add a 'nobody' user and group#335

Merged
chanseokoh merged 1 commit intoGoogleContainerTools:masterfrom
thockin:master
Mar 25, 2019
Merged

Add a 'nobody' user and group#335
chanseokoh merged 1 commit intoGoogleContainerTools:masterfrom
thockin:master

Conversation

@thockin
Copy link
Copy Markdown
Contributor

@thockin thockin commented Mar 25, 2019

Fixes #332

@chanseokoh
Copy link
Copy Markdown
Member

chanseokoh commented Mar 25, 2019
edited
Loading

Please fix the formatting error: #291 (comment)

Let's use the number 65534 instead of 65535. That's the number on my machine, and it is only beneficial to avoid 65535: https://superuser.com/questions/706338/why-on-some-systems-max-uid-gid-is-65534-an-not-65535

@thockin
Copy link
Copy Markdown
Contributor Author

thockin commented Mar 25, 2019

I have changed numbers and run buildifier.

Separate bug:

When I run ./buildifier.sh, I get no output and a success error code.

When I run buildifier -mode=check $(find . -name 'BUILD*' -o -name 'WORKSPACE*' -type f), I get a flag on base/BUILD but a success error code.

buildifier.sh is checking for a non-success error code, so it will never work.

As a casual contributor, it's scary to be told "Go wget and run this binary". It would be nicer if that was more transparent (and in fact if it "just worked" from HEAD -- even a docker run in a script...)

@chanseokoh
Copy link
Copy Markdown
Member

chanseokoh commented Mar 25, 2019

Seems like a test failure. Please fix.

Separate bug:

Probably there's something broken about that. Please file a bug. I maintain Java part of distroless, so I honestly don't know very well about the buildifier stuff.

@thockin
Copy link
Copy Markdown
Contributor Author

thockin commented Mar 25, 2019 via email

chanseokoh
chanseokoh reviewed Mar 25, 2019
View reviewed changes
base/testdata/base.yaml Outdated
- name: 'known users'
path: '/etc/passwd'
expectedContents: ['^root:x:0:0:user:/home:/bin/bash\n$']
expectedContents: ['^root:x:0:0:user:/home:/bin/bash\nnobody:x:65534:65534:user:/hom:/bin/bash\n$']
Copy link
Copy Markdown
Member

@chanseokoh chanseokoh Mar 25, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Test still failing. Probably /hom: --> /home:.

@thockin
Copy link
Copy Markdown
Contributor Author

thockin commented Mar 25, 2019

all green

@chanseokoh chanseokoh merged commit acf95ce into GoogleContainerTools:master Mar 25, 2019
@chanseokoh chanseokoh mentioned this pull request Mar 25, 2019
Closed
@dlorenc
Copy link
Copy Markdown
Contributor

dlorenc commented Mar 25, 2019

@thockin there's an image with this change published here: gcr.io/distroless/base:5eb0f8a01ed8046cefc3a7ca9cf5b95bad296dcf

I can tag it as latest soon

@thockin
Copy link
Copy Markdown
Contributor Author

thockin commented Mar 25, 2019 via email

@loosebazooka loosebazooka mentioned this pull request May 29, 2019
Merged
@johscheuer johscheuer mentioned this pull request Oct 7, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chanseokoh chanseokoh chanseokoh approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@thockin @chanseokoh @dlorenc