-
-
Notifications
You must be signed in to change notification settings - Fork 127
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow running as non-root #353
Comments
It already runs openHAB as a non root "openhab" user that you can specify using the USER_ID and GROUP_ID env vars. See: https://github.com/openhab/openhab-docker#environment-variables |
That's not entirely correct:
This can be worked around with some effort. Also the (version-) update script hardcodes a check for uid 0. |
Yes it does some initial setup as "root" so users can use a custom UID/GID for the "openhab" user, e.g. so it matches those of a user on the host. Afterwards it uses gosu to run openHAB as "openhab". Would you like to skip that setup part when running as non-root user? It probably already has sufficient permissions to do the upgrade as "openhab" user. |
Yes. That's what I mean. In some environments running as non-root is required. The image is generally suitable for that but not quiet. I propose to skip this setup (in the entrypoint) when not running as root. In the upgrade skript I would simply warn that it's not running as root or simply drop the check altogether. |
Yes that makes sense to also support such a setup for users who prefer the extra security over customizing UID/GIDs. Skipping the |
It is possible to run OpenHAB without being root. You will have to jump through some hoops to do so though. It would be great not to have to do that.
Would you consider a pull request adding the option to run the image as a different uid?
The text was updated successfully, but these errors were encountered: