Github user rvesse commented on a diff in the pull request:
https://github.com/apache/spark/pull/23017#discussion_r233385383
--- Diff:
resource-managers/kubernetes/docker/src/main/dockerfiles/spark/entrypoint.sh ---
@@ -30,6 +30,10 @@ set -e
# If there is no passwd entry for the container UID, attempt to create one
if [ -z "$uidentry" ] ; then
if [ -w /etc/passwd ] ; then
+ # TODO Should we allow providing an environment variable to set
the desired username?
--- End diff --
Not the case. `USER` directives take effect at the point at which they
occur in the `Dockerfile`, so since the directive is placed after the
`ENTRYPOINT` directive the entry point script still runs as `root` allowing
adding UID entries and any other privileged setup operations that are needed
prior to the containers main process running and having its UID set
appropriately
If you manually drop into the resulting container you can see that your UID
is the specified non-privileged UID but that an `/etc/passwd` entry was
successfully added for you by the entry point script
---
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
