Skip to content

D
devcontainer-features
Unverified Commit fa07406f authored by Samruddhi Khandale's avatar Samruddhi Khandale Committed by GitHub
Browse files
Options

add missing user groups to fix permission issues for non root user (#45) 

* add missing user groups

* fix username

* move chmod: anaconda
parent 19fd66af
Hide whitespace changes
Inline Side-by-side
Showing with 74 additions and 12 deletions
src/anaconda/install.sh
View file @ fa07406f
...@@ -9,7 +9,6 @@ ...@@ -9,7 +9,6 @@
VERSION=${VERSION:-"latest"} VERSION=${VERSION:-"latest"}
USERNAME=${USERNAME:-"automatic"} USERNAME=${USERNAME:-"automatic"}
UPDATE_RC=${UPDATE_RC:-"true"} UPDATE_RC=${UPDATE_RC:-"true"}
CONDA_DIR=${CONDA_DIR:-"/usr/local/conda"} CONDA_DIR=${CONDA_DIR:-"/usr/local/conda"}
...@@ -32,8 +31,8 @@ if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then ...@@ -32,8 +31,8 @@ if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then
USERNAME="" USERNAME=""
POSSIBLE_USERS=("vscode" "node" "codespace" "$(awk -v val=1000 -F ":" '$3==val{print $1}' /etc/passwd)") POSSIBLE_USERS=("vscode" "node" "codespace" "$(awk -v val=1000 -F ":" '$3==val{print $1}' /etc/passwd)")
for CURRENT_USER in "${POSSIBLE_USERS[@]}"; do for CURRENT_USER in "${POSSIBLE_USERS[@]}"; do
if id -u ${CURRENT_USER} > /dev/null 2>&1; then if id -u "${CURRENT_USER}" > /dev/null 2>&1; then
USERNAME=${CURRENT_USER} USERNAME="${CURRENT_USER}"
break break
fi fi
done done
...@@ -72,11 +71,19 @@ check_packages() { ...@@ -72,11 +71,19 @@ check_packages() {
# Install Conda if it's missing # Install Conda if it's missing
if ! conda --version &> /dev/null ; then if ! conda --version &> /dev/null ; then
if ! cat /etc/group | grep -e "^conda:" > /dev/null 2>&1; then
groupadd -r conda
fi
usermod -a -G conda "${USERNAME}"
# Install dependencies # Install dependencies
check_packages wget ca-certificates check_packages wget ca-certificates
mkdir -p $CONDA_DIR mkdir -p $CONDA_DIR
chown ${USERNAME}:root $CONDA_DIR chown -R :conda "${CONDA_DIR}"
chmod -R g+r+w "${CONDA_DIR}"
find "${CONDA_DIR}" -type d | xargs -n 1 chmod g+s
echo "Installing Anaconda..." echo "Installing Anaconda..."
CONDA_VERSION=$VERSION CONDA_VERSION=$VERSION
......
src/dotnet/install.sh
View file @ fa07406f
...@@ -412,7 +412,16 @@ else ...@@ -412,7 +412,16 @@ else
echo "Could not install dotnet from apt. Attempting to install dotnet from releases url" echo "Could not install dotnet from apt. Attempting to install dotnet from releases url"
fi fi
if ! cat /etc/group | grep -e "^dotnet:" > /dev/null 2>&1; then
groupadd -r dotnet
fi
usermod -a -G dotnet "${USERNAME}"
install_using_dotnet_releases_url "${DOTNET_SDK_OR_RUNTIME}" install_using_dotnet_releases_url "${DOTNET_SDK_OR_RUNTIME}"
chown -R :dotnet "${TARGET_DOTNET_ROOT}"
chmod -R g+r+w "${TARGET_DOTNET_ROOT}"
find "${TARGET_DOTNET_ROOT}" -type d | xargs -n 1 chmod g+s
fi fi
echo "Done!" echo "Done!"
\ No newline at end of file
src/hugo/install.sh
View file @ fa07406f
...@@ -90,6 +90,11 @@ fi ...@@ -90,6 +90,11 @@ fi
# Install Hugo if it's missing # Install Hugo if it's missing
if ! hugo version &> /dev/null ; then if ! hugo version &> /dev/null ; then
if ! cat /etc/group | grep -e "^hugo:" > /dev/null 2>&1; then
groupadd -r hugo
fi
usermod -a -G hugo "${USERNAME}"
echo "Installing Hugo..." echo "Installing Hugo..."
installation_dir="$HUGO_DIR/bin" installation_dir="$HUGO_DIR/bin"
mkdir -p "$installation_dir" mkdir -p "$installation_dir"
...@@ -108,6 +113,10 @@ if ! hugo version &> /dev/null ; then ...@@ -108,6 +113,10 @@ if ! hugo version &> /dev/null ; then
rm "$hugo_filename" rm "$hugo_filename"
updaterc "export HUGO_DIR=${installation_dir}" updaterc "export HUGO_DIR=${installation_dir}"
chown -R :hugo "${HUGO_DIR}"
chmod -R g+r+w "${HUGO_DIR}"
find "${HUGO_DIR}" -type d | xargs -n 1 chmod g+s
fi fi
echo "Done!" echo "Done!"
src/oryx/devcontainer-feature.json
View file @ fa07406f
...@@ -4,7 +4,8 @@ ...@@ -4,7 +4,8 @@
"containerEnv": { "containerEnv": {
"ORYX_SDK_STORAGE_BASE_URL": "https://oryx-cdn.microsoft.io", "ORYX_SDK_STORAGE_BASE_URL": "https://oryx-cdn.microsoft.io",
"ENABLE_DYNAMIC_INSTALL": "true", "ENABLE_DYNAMIC_INSTALL": "true",
"DYNAMIC_INSTALL_ROOT_DIR": "/tmp/oryx-platforms", "DYNAMIC_INSTALL_ROOT_DIR": "/usr/local/oryx-platforms",
"ORYX_PREFER_USER_INSTALLED_SDKS": "true",
"ORYX_DIR": "/usr/local/oryx", "ORYX_DIR": "/usr/local/oryx",
"PATH": "${ORYX_DIR}:${PATH}" "PATH": "${ORYX_DIR}:${PATH}"
}, },
......
src/oryx/install.sh
View file @ fa07406f
...@@ -86,6 +86,11 @@ check_packages git sudo wget ca-certificates ...@@ -86,6 +86,11 @@ check_packages git sudo wget ca-certificates
if ! oryx --version > /dev/null ; then if ! oryx --version > /dev/null ; then
echo "Installing Oryx..." echo "Installing Oryx..."
if ! cat /etc/group | grep -e "^oryx:" > /dev/null 2>&1; then
groupadd -r oryx
fi
usermod -a -G oryx "${USERNAME}"
# Install dotnet unless available # Install dotnet unless available
if ! dotnet --version > /dev/null ; then if ! dotnet --version > /dev/null ; then
echo "'dotnet' was not detected. Attempting to install the latest version of the dotnet sdk to build oryx." echo "'dotnet' was not detected. Attempting to install the latest version of the dotnet sdk to build oryx."
...@@ -104,7 +109,6 @@ if ! oryx --version > /dev/null ; then ...@@ -104,7 +109,6 @@ if ! oryx --version > /dev/null ; then
mkdir -p ${BUILD_SCRIPT_GENERATOR} mkdir -p ${BUILD_SCRIPT_GENERATOR}
mkdir -p ${ORYX} mkdir -p ${ORYX}
chown -R ${USERNAME} ${BUILD_SCRIPT_GENERATOR} ${ORYX}
git clone --depth=1 https://github.com/microsoft/Oryx $GIT_ORYX git clone --depth=1 https://github.com/microsoft/Oryx $GIT_ORYX
$GIT_ORYX/build/buildSln.sh $GIT_ORYX/build/buildSln.sh
...@@ -118,11 +122,16 @@ if ! oryx --version > /dev/null ; then ...@@ -118,11 +122,16 @@ if ! oryx --version > /dev/null ; then
ln -s ${BUILD_SCRIPT_GENERATOR}/GenerateBuildScript ${ORYX}/oryx ln -s ${BUILD_SCRIPT_GENERATOR}/GenerateBuildScript ${ORYX}/oryx
cp -f $GIT_ORYX/images/build/benv.sh ${ORYX}/benv cp -f $GIT_ORYX/images/build/benv.sh ${ORYX}/benv
ORYX_INSTALL_DIR="/tmp/oryx-platforms" ORYX_INSTALL_DIR="/usr/local/oryx-platforms"
mkdir -p "${ORYX_INSTALL_DIR}" mkdir -p "${ORYX_INSTALL_DIR}"
chown -R ${USERNAME} "${ORYX_INSTALL_DIR}"
updaterc "export ORYX_SDK_STORAGE_BASE_URL=https://oryx-cdn.microsoft.io && export ENABLE_DYNAMIC_INSTALL=true && DYNAMIC_INSTALL_ROOT_DIR=$ORYX_INSTALL_DIR" updaterc "export ORYX_SDK_STORAGE_BASE_URL=https://oryx-cdn.microsoft.io && export ENABLE_DYNAMIC_INSTALL=true && DYNAMIC_INSTALL_ROOT_DIR=$ORYX_INSTALL_DIR && ORYX_PREFER_USER_INSTALLED_SDKS=true"
chown -R :oryx "${ORYX_INSTALL_DIR}" "${BUILD_SCRIPT_GENERATOR}" "${ORYX}"
chmod -R g+r+w "${ORYX_INSTALL_DIR}" "${BUILD_SCRIPT_GENERATOR}" "${ORYX}"
find "${ORYX_INSTALL_DIR}" -type d | xargs -n 1 chmod g+s
find "${BUILD_SCRIPT_GENERATOR}" -type d | xargs -n 1 chmod g+s
find "${ORYX}" -type d | xargs -n 1 chmod g+s
fi fi
echo "Done!" echo "Done!"
src/php/install.sh
View file @ fa07406f
...@@ -40,7 +40,7 @@ if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then ...@@ -40,7 +40,7 @@ if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then
fi fi
done done
if [ "${USERNAME}" = "" ]; then if [ "${USERNAME}" = "" ]; then
USERNAME=vscode USERNAME=root
fi fi
elif [ "${USERNAME}" = "none" ]; then elif [ "${USERNAME}" = "none" ]; then
USERNAME=root USERNAME=root
...@@ -122,6 +122,11 @@ if [ -d "${PHP_INSTALL_DIR}" ]; then ...@@ -122,6 +122,11 @@ if [ -d "${PHP_INSTALL_DIR}" ]; then
exit 1 exit 1
fi fi
if ! cat /etc/group | grep -e "^php:" > /dev/null 2>&1; then
groupadd -r php
fi
usermod -a -G php "${USERNAME}"
PHP_URL="https://www.php.net/distributions/php-${VERSION}.tar.gz" PHP_URL="https://www.php.net/distributions/php-${VERSION}.tar.gz"
PHP_INI_DIR="${PHP_INSTALL_DIR}/ini" PHP_INI_DIR="${PHP_INSTALL_DIR}/ini"
...@@ -192,4 +197,8 @@ rm -rf ${PHP_SRC_DIR} ...@@ -192,4 +197,8 @@ rm -rf ${PHP_SRC_DIR}
updaterc "if [[ \"\${PATH}\" != *\"${CURRENT_DIR}\"* ]]; then export PATH=${CURRENT_DIR}/bin:\${PATH}; fi" updaterc "if [[ \"\${PATH}\" != *\"${CURRENT_DIR}\"* ]]; then export PATH=${CURRENT_DIR}/bin:\${PATH}; fi"
chown -R :php "${PHP_DIR}"
chmod -R g+r+w "${PHP_DIR}"
find "${PHP_DIR}" -type d | xargs -n 1 chmod g+s
echo "Done!" echo "Done!"
src/python/install.sh
View file @ fa07406f
...@@ -341,6 +341,11 @@ check_packages curl ca-certificates gnupg2 tar make gcc libssl-dev zlib1g-dev li ...@@ -341,6 +341,11 @@ check_packages curl ca-certificates gnupg2 tar make gcc libssl-dev zlib1g-dev li
# Install Python from source if needed # Install Python from source if needed
if [ "${PYTHON_VERSION}" != "none" ]; then if [ "${PYTHON_VERSION}" != "none" ]; then
if ! cat /etc/group | grep -e "^python:" > /dev/null 2>&1; then
groupadd -r python
fi
usermod -a -G python "${USERNAME}"
CURRENT_PATH="${PYTHON_INSTALL_PATH}/current" CURRENT_PATH="${PYTHON_INSTALL_PATH}/current"
# If the os-provided versions are "good enough", detect that and bail out. # If the os-provided versions are "good enough", detect that and bail out.
if [ ${PYTHON_VERSION} = "os-provided" ] || [ ${PYTHON_VERSION} = "system" ]; then if [ ${PYTHON_VERSION} = "os-provided" ] || [ ${PYTHON_VERSION} = "system" ]; then
...@@ -357,6 +362,10 @@ if [ "${PYTHON_VERSION}" != "none" ]; then ...@@ -357,6 +362,10 @@ if [ "${PYTHON_VERSION}" != "none" ]; then
fi fi
updaterc "if [[ \"\${PATH}\" != *\"${CURRENT_PATH}/bin\"* ]]; then export PATH=${CURRENT_PATH}/bin:\${PATH}; fi" updaterc "if [[ \"\${PATH}\" != *\"${CURRENT_PATH}/bin\"* ]]; then export PATH=${CURRENT_PATH}/bin:\${PATH}; fi"
chown -R :python "${PYTHON_INSTALL_PATH}"
chmod -R g+r+w "${PYTHON_INSTALL_PATH}"
find "${PYTHON_INSTALL_PATH}" -type d | xargs -n 1 chmod g+s
fi fi
# Install Python tools if needed # Install Python tools if needed
...@@ -403,6 +412,10 @@ if [ "${INSTALL_PYTHON_TOOLS}" = "true" ]; then ...@@ -403,6 +412,10 @@ if [ "${INSTALL_PYTHON_TOOLS}" = "true" ]; then
updaterc "export PIPX_HOME=\"${PIPX_HOME}\"" updaterc "export PIPX_HOME=\"${PIPX_HOME}\""
updaterc "export PIPX_BIN_DIR=\"${PIPX_BIN_DIR}\"" updaterc "export PIPX_BIN_DIR=\"${PIPX_BIN_DIR}\""
updaterc "if [[ \"\${PATH}\" != *\"\${PIPX_BIN_DIR}\"* ]]; then export PATH=\"\${PATH}:\${PIPX_BIN_DIR}\"; fi" updaterc "if [[ \"\${PATH}\" != *\"\${PIPX_BIN_DIR}\"* ]]; then export PATH=\"\${PATH}:\${PIPX_BIN_DIR}\"; fi"
chown -R :python "${PIPX_HOME}"
chmod -R g+r+w "${PIPX_HOME}"
find "${PIPX_HOME}" -type d | xargs -n 1 chmod g+s
fi fi
# Install JupyterLab if needed # Install JupyterLab if needed
......
src/ruby/install.sh
View file @ fa07406f
...@@ -270,8 +270,6 @@ if [ "${SKIP_RBENV_RBUILD}" != "true" ]; then ...@@ -270,8 +270,6 @@ if [ "${SKIP_RBENV_RBUILD}" != "true" ]; then
if [ "${USERNAME}" != "root" ]; then if [ "${USERNAME}" != "root" ]; then
mkdir -p /home/${USERNAME}/.rbenv/plugins mkdir -p /home/${USERNAME}/.rbenv/plugins
sudo chown -R ${USERNAME} /home/${USERNAME}/.rbenv
sudo chown -R ${USERNAME} /usr/local/rvm/
if [[ ! -d "/home/${USERNAME}/.rbenv/plugins/ruby-build" ]]; then if [[ ! -d "/home/${USERNAME}/.rbenv/plugins/ruby-build" ]]; then
ln -s /usr/local/share/ruby-build /home/${USERNAME}/.rbenv/plugins/ruby-build ln -s /usr/local/share/ruby-build /home/${USERNAME}/.rbenv/plugins/ruby-build
...@@ -279,9 +277,16 @@ if [ "${SKIP_RBENV_RBUILD}" != "true" ]; then ...@@ -279,9 +277,16 @@ if [ "${SKIP_RBENV_RBUILD}" != "true" ]; then
ln -s /usr/local/rvm/rubies/default/bin/ruby /usr/local/rvm/gems/default/bin ln -s /usr/local/rvm/rubies/default/bin/ruby /usr/local/rvm/gems/default/bin
chown -R :rvm "/home/${USERNAME}/.rbenv"
chmod -R g+r+w "/home/${USERNAME}/.rbenv"
find "/home/${USERNAME}/.rbenv" -type d | xargs -n 1 chmod g+s
fi fi
fi fi
chown -R :rvm "/usr/local/rvm"
chmod -R g+r+w "/usr/local/rvm"
find "/usr/local/rvm" -type d | xargs -n 1 chmod g+s
# Clean up # Clean up
rvm cleanup all rvm cleanup all
${ROOT_GEM} cleanup ${ROOT_GEM} cleanup
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment