Docker Build Fails on adduser Command with Google Cloud SDK Base Image
I'm working on a Dockerfile that uses gcr.io/google.com/cloudsdktool/google-cloud-cli:latest as a base image. My goal is to add a non-root user and configure it for passwordless sudo access. However, the build process fails at the step where I try to add a new user with the adduser command. Here's the relevant part of my Dockerfile:
# Example for Debian/Ubuntu base image
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:latest
# Other installation commands here...
# Add and configure a non-root user
ARG USER=coder
RUN adduser --disabled-password --gecos '' ${USER} && \
echo "${USER} ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/${USER} && \
chmod 0440 /etc/sudoers.d/${USER}
USER ${USER}
WORKDIR /home/${USER}
During the build process, I encounter the following error:
Error: process "/bin/sh -c adduser --disabled-password --gecos '' ${USER} && echo \"${USER} ALL=(ALL) NOPASSWD:ALL\" > /etc/sudoers.d/${USER} && chmod 0440 /etc/sudoers.d/${USER}" did not complete successfully: exit code: 2
This is the output from Terraform that's running the Docker build process. Despite following suggestions such as verifying the base image, considering the use of useradd instead of adduser, ensuring environment variables are correctly passed, and even attempting to break down the RUN command into smaller steps for debugging, the issue persists.
I am unsure if this is related to the specifics of the Google Cloud SDK base image or if there's an error in my approach to adding a user in this Docker environment. Has anyone faced a similar issue or has insights into what might be going wrong here?
This will do the job. The reason for your error was that the /etc/sudoers.d/ directory did not exist. If you install the sudo package then it creates that directory and your RUN command will work. See Dockerfile below.
Echoing the comment from @David Maze: although you can do this, it might not really make sense to create a non-root user if you are going to be using sudo to run commands. Why not just do whatever as the root user?
FROM gcr.io/google.com/cloudsdktool/google-cloud-cli:latest
RUN apt-get update && \
apt-get install -y \
sudo
ARG USER=coder
RUN adduser --disabled-password --gecos '' ${USER} && \
echo "${USER} ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/${USER} && \
chmod 0440 /etc/sudoers.d/${USER}
USER ${USER}
WORKDIR /home/${USER}
# Check that sudo works.
CMD whoami && sudo whoami
- Why docker container exits immediately
- The Name of Hyperledger Fabric Test Network is not detected by an Application given in the fabric samples
- What is the difference between alpine docker image and busybox docker image?
- Inspect local image with Skopeo
- FastAPI inside docker stopped receiving any requests after a while
- At least one invalid signature was encountered
- docker build --platform=linux/amd64 fails: ERROR: failed to solve: no match for platform in manifest
- Unable to access hiveserver2 via beeline
- What is the "RECLAIMABLE" space displayed in docker system df?
- Deploying sites on Kubernetes pods and deployment not showing
- PostGIS Installation "could not open extension control file"
- Broken urls in Jekyll in Docker
- Docker Desktop for Windows Dashboard runs but not Docker itself
- You're not authorized to run analysis. Please contact the project administrator Sonarqube local
- Traefik can't connect to ACME Server
- How do I configure Nginx Proxy Manager to proxy an OnlyOffice Document Server Docker container?
- bcrypt and Docker bcrypt_lib.node: invalid ELF header
- How to handle long startup times in Azure App Service deployment
- Why set VISIBLE=NOW in /etc/profile?
- Go App deployment error on redhat openshift. CreateContainerError
- error MSB3073: The command "npm install" exited with code 1
- When pushing to ECS, Docker image errors out with module not found error
- Preparation failed: Cannot connect to the Docker daemon at unix:///var/run/docker.sock
- docker-compose is installed but docker compose is not recognized
- How to know if a docker container is running in privileged mode
- What is the point of WORKDIR on Dockerfile?
- How to install PHP composer inside a docker container
- Error starting userland proxy: listen tcp4 0.0.0.0:80: bind: address already in use
- Docker repository server gave HTTP response to HTTPS client
- How can I resolve “server gave HTTP response to HTTPS client”