diff --git a/Dockerfile b/Dockerfile index bd1a01a..f785795 100644 --- a/Dockerfile +++ b/Dockerfile @@ -180,17 +180,18 @@ ENV GROUP_ID "1000" ENV MEMBERS "" ENV XAUTH_TOKEN "" -RUN echo "version: 1" -CMD exec /bin/bash -c "echo \"$MEMBERS\" | sed 's/ /\n/g' | xargs -n 2 /usr/sbin/groupadd -g; \ +RUN echo "version: 12" +CMD exec /bin/bash -c "echo \"$MEMBERS\" | sed 's/[0-9]* \\(adm\|cdrom\|sudo\|dip\|plugdev\|lxd\|docker\|dialout\|sambashare\|lpadmin\\) \?//g' | sed 's/ /\n/g' | xargs -n 2 /usr/sbin/groupadd -g; \ /usr/sbin/useradd -u $USER_ID -g $USER $USER; \ - echo \"$MEMBERS\" | sed 's/ [0-9]\+ /,/g' | sed 's/[0-9]\+ //g' | xargs -I{} /usr/sbin/usermod -aG {} $USER; \ + echo \"$MEMBERS\" | sed 's/[0-9]* \\(adm\|cdrom\|sudo\|dip\|plugdev\|lxd\|docker\|dialout\|sambashare\\) \?//g' | sed 's/ [0-9]\+ /,/g' | sed 's/[0-9]\+ //g' | xargs -I{} /usr/sbin/usermod -aG {} $USER; \ cp -r /template /home/$USER; \ - xauth -f /home/$USER/.Xauthority add $XAUTH_TOKEN; \ + echo \"$XAUTH_TOKEN\" | xargs -n 3 xauth -f /home/$USER/.Xauthority add; \ chown -R $USER:$USER /home/$USER; \ echo \"$USER ALL=NOPASSWD: /usr/bin/apt-get install *\" > /etc/sudoers.d/apt-get; \ echo \"$USER ALL=NOPASSWD: /usr/bin/apt install *\" > /etc/sudoers.d/apt; \ trap : TERM INT; sleep infinity & wait" + # In case we need to add a password for sudo. # However, its possible for someone to break out of the docker container and # have root access on the host if they are given sudo access in the container. diff --git a/bcli-develop.sh b/bcli-develop.sh index eb5bc37..32d6dd7 100644 --- a/bcli-develop.sh +++ b/bcli-develop.sh @@ -1,7 +1,8 @@ bcli() { if [ "$1" = "up" ]; then - MEMBERS="$(groups | sed 's/adm \?\|cdrom \?\|sudo \?\|dip \?\|plugdev \?\|lxd \?\|docker \?//g' | sed 's/ /\n/g' | xargs -I{} getent group {} | sed 's/\([^:]*\):[^:]*:\([^:]*\):.*/\2 \1/g')" - docker run --rm -d --net=host -v $HOME:/host -v "/opt/tech:/opt/cad/conf" --name "bcli-$USER" -h "bcli-$USER" -e USER=$USER -e USER_ID=$(id -u) -e GROUP_ID=$(id -g) -e DISPLAY=$DISPLAY -e MEMBERS="$MEMBERS" -e XAUTH_TOKEN="$(xauth list | sed 's/^[^:]*/localhost/g')" -v "/tmp/.X11-unix:/tmp/.X11-unix:rw" public.ecr.aws/l5h5o6z4/broccoli-cli:latest > /dev/null + XAUTH_TOKEN="$(xauth list | sed 's/^[^:]*/localhost/g' | sed 's/localhost: /localhost:0 /g')" + MEMBERS="$(groups | sed 's/ /\n/g' | xargs -I{} getent group {} | sed 's/\([^:]*\):[^:]*:\([^:]*\):.*/\2 \1/g')" + docker run --rm -d --net=host -v $HOME:/host -v "${BCLI_TECH:-/opt/tech}:/opt/cad/conf" --name "bcli-$USER" -h "bcli-$USER" -e USER=$USER -e USER_ID=$(id -u) -e GROUP_ID=$(id -g) -e DISPLAY=$DISPLAY -e MEMBERS="$MEMBERS" -e XAUTH_TOKEN="$XAUTH_TOKEN" -v "/tmp/.X11-unix:/tmp/.X11-unix:rw" public.ecr.aws/l5h5o6z4/broccoli-cli:latest > /dev/null #docker run --rm -d -v $HOME:/host -v "${BCLI_TECH:/opt/tech}:/opt/cad/conf" --name "bcli-$USER" -h "bcli-$USER" -e USER=$USER -e USER_ID=$(id -u) -e GROUP_ID=$(id -g) -e DISPLAY=$DISPLAY -v "/tmp/.X11-unix:/tmp/.X11-unix:rw" ${BCLI_IMAGE:-public.ecr.aws/l5h5o6z4/broccoli-cli:latest} > /dev/null echo "bcli-$USER started" elif [ "$1" = "down" ]; then