Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: useradd issue #1217

Open
adrianrudnik opened this issue Dec 1, 2024 · 3 comments
Open

docs: useradd issue #1217

adrianrudnik opened this issue Dec 1, 2024 · 3 comments
Labels
bug Something isn't working

Comments

@adrianrudnik
Copy link

What happened?

I'm currently working through https://frankenphp.dev/docs/docker/#running-with-no-capabilities and see the line useradd -D ${USER}; mentioned several times.

Following through the example:

docker run -it --rm dunglas/frankenphp bash
export USER=www-data
useradd -D ${USER}

just prints the commands help.

-D for useradd is print or change default useradd configuration.
-D for adduser is Don't assign a password

From my understanding the intention is to add a user www-data without a password on debian? That would be useradd without specifying -p. But even then

cat /etc/passwd | grep www-data

show the user already exists, so can it be omitted because it serves nothing?

Build Type

Docker (Debian Bookworm)

Worker Mode

Yes

Operating System

GNU/Linux

CPU Architecture

x86_64

PHP configuration

The one installed in the docker image dunglas/frankenphp

Relevant log output

No response

@adrianrudnik adrianrudnik added the bug Something isn't working label Dec 1, 2024
@adrianrudnik
Copy link
Author

In addition, in the upstream image, the home folder for the user www-data is configured to be /var/www:

cat /etc/passwd | grep www-data
> www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin

but the user has no access to it, as everything is owned by root

ls -ldh /var/www
drwxr-xr-x 3 root root 4.0K Nov 21 17:54 /var/www

Any reason why /app is preferred over `/var/www'?

@AlliBalliBaba
Copy link
Collaborator

You're right, www-data already exists in all the official php images. I'd go a step further and change the user id of www-data to 1000 like this image does (so file permissions are correctly mapped when using the image locally).

As for /app vs /var/www, I think /app is a container convention. Before containers, application files usually were just copied to a permanently running server, in other words they were 'variable' and therefore put into the var folder. Containers are usually deployed as a whole and the application files aren't changed afterwards.

@kohenkatz
Copy link
Contributor

I found the -D issue in the docs and made a PR to fix it here: #1243

I think that's helpful regardless of the existing www-data account, because people might want to use other named accounts. Maybe the example name in the docs should be changed though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

3 participants