From 488d0190bbee7414cb9a48a47acad592c6661659 Mon Sep 17 00:00:00 2001 From: Klaas van Schelven Date: Thu, 31 Jul 2025 11:01:51 +0200 Subject: [PATCH] Docker: use a fixed UID (14237) for the bugsink user * Rebuilding the image will not accidentally assign a different UID to `bugsink` this would be "extremely annoying" in the context of bind-mounts and volumes. * Ensures predictable ownership for bind-mounts and Docker volumes at build time. * Avoids collisions with existing host accounts Considerations for 14237: * well below the 65535 limit, keeping it compatible with default subuid/subgid mappings. * Positioned above 1000 to steer clear of standard system and regular user ranges. * Not so large that older filesystems or tooling (e.g., simple NFS exports) might have issues. See #176 --- Dockerfile | 4 ++-- Dockerfile.fromwheel | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1f02ff3..d8182a2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -47,8 +47,8 @@ COPY bugsink/conf_templates/docker.py.template bugsink_conf.py RUN apt update && apt install -y git RUN pip install -e . -RUN groupadd -r bugsink \ - && useradd -r -g bugsink bugsink \ +RUN groupadd --gid 14237 bugsink \ + && useradd --uid 14237 --gid bugsink \ && mkdir -p /data \ && chown -R bugsink:bugsink /data diff --git a/Dockerfile.fromwheel b/Dockerfile.fromwheel index 476011b..882e09d 100644 --- a/Dockerfile.fromwheel +++ b/Dockerfile.fromwheel @@ -73,8 +73,8 @@ RUN --mount=type=cache,target=/var/cache/buildkit/pip \ COPY bugsink/conf_templates/docker.py.template bugsink_conf.py COPY gunicorn.docker.conf.py /app/ -RUN groupadd -r bugsink \ - && useradd -r -g bugsink bugsink \ +RUN groupadd --gid 14237 bugsink \ + && useradd --uid 14237 --gid bugsink \ && mkdir -p /data \ && chown -R bugsink:bugsink /data