UniqueSoft/docker-code-server
2
0
Fork 0
mirror of https://github.com/linuxserver/docker-code-server synced 2025-06-26 18:27:40 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Don't try and enable sudo if ro/non-root even if set

Browse Source
This commit is contained in:
thespad 2025-05-11 14:36:04 +01:00
parent a7e2b20ca2
commit a7294dfb09
No known key found for this signature in database
3 changed files with 18 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -85,7 +85,7 @@ This image can be run with a read-only container filesystem. For details please
### Caveats ### Caveats
* `/tmp` must be mounted to tmpfs * `/tmp` must be mounted to tmpfs
* sudo will not be available * `sudo` will not be available
## Non-Root Operation ## Non-Root Operation
@ -93,7 +93,7 @@ This image can be run with a non-root user. For details please [read the docs](h
### Caveats ### Caveats
* sudo will not be available * `sudo` will not be available
## Usage ## Usage

4
readme-vars.yml
View File

@ -39,10 +39,10 @@ opt_param_env_vars:
readonly_supported: true readonly_supported: true
readonly_message: | readonly_message: |
* `/tmp` must be mounted to tmpfs * `/tmp` must be mounted to tmpfs
* sudo will not be available * `sudo` will not be available
nonroot_supported: true nonroot_supported: true
nonroot_message: | nonroot_message: |
* sudo will not be available * `sudo` will not be available
# application setup block # application setup block
app_setup_block_enabled: true app_setup_block_enabled: true
app_setup_block: | app_setup_block: |

26
root/etc/s6-overlay/s6-rc.d/init-code-server/run
View File

@ -3,18 +3,20 @@
mkdir -p /config/{extensions,data,workspace,.ssh} mkdir -p /config/{extensions,data,workspace,.ssh}
if [[ -n "${SUDO_PASSWORD}" ]] || [[ -n "${SUDO_PASSWORD_HASH}" ]]; then if [[ -z ${LSIO_NON_ROOT_USER} ]] && [[ -z ${LSIO_READ_ONLY_FS} ]]; then
echo "setting up sudo access" if [[ -n "${SUDO_PASSWORD}" ]] || [[ -n "${SUDO_PASSWORD_HASH}" ]]; then
if ! grep -q 'abc' /etc/sudoers; then echo "setting up sudo access"
echo "adding abc to sudoers" if ! grep -q 'abc' /etc/sudoers; then
echo "abc ALL=(ALL:ALL) ALL" >> /etc/sudoers echo "adding abc to sudoers"
fi echo "abc ALL=(ALL:ALL) ALL" >> /etc/sudoers
if [[ -n "${SUDO_PASSWORD_HASH}" ]]; then fi
echo "setting sudo password using sudo password hash" if [[ -n "${SUDO_PASSWORD_HASH}" ]]; then
sed -i "s|^abc:\!:|abc:${SUDO_PASSWORD_HASH}:|" /etc/shadow echo "setting sudo password using sudo password hash"
else sed -i "s|^abc:\!:|abc:${SUDO_PASSWORD_HASH}:|" /etc/shadow
echo "setting sudo password using SUDO_PASSWORD env var" else
echo -e "${SUDO_PASSWORD}\n${SUDO_PASSWORD}" | passwd abc echo "setting sudo password using SUDO_PASSWORD env var"
echo -e "${SUDO_PASSWORD}\n${SUDO_PASSWORD}" | passwd abc
fi
fi fi
fi fi