Running Docker container as a jailed Shell User

Discussion in 'General' started by senormedia, Mar 18, 2024.

Tags:
  1. senormedia

    senormedia Member HowtoForge Supporter

    How can i edit the files in the client folder i create from docker using jailkit
    i currently do sudo mkdir /var/www/client1/web59/web/docker_folder
    then sudo docker etc... to folder clients location

    i can view the files but cannot edit, also would it be possible to use docker as jailed user

    i tried
    sudo usermod -aG docker web59
    and also
    sudo usermod -aG docker docker_dev (docker_dev is the shell user created in ispconfig)
     
    senormedia, Mar 18, 2024
    #1
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Did you after
    Code:
    sudo mkdir /var/www/client1/web59/web/docker_folder
    change owner and permissions of the created folder? User web59 can not edit the files if they are owned by root and do not have write permission.
     
    Taleman, Mar 18, 2024
    #2
  3. senormedia

    senormedia Member HowtoForge Supporter

    i created the folder with the client, i thought if i added user web59 to docker i would be able to use docker and have permissions to write
    so do i just keep doing it how i do it and just change permissions of folder so client can edit?
     
    senormedia, Mar 18, 2024
    #3
  4. senormedia

    senormedia Member HowtoForge Supporter

    i ran sudo chown -R web59:client1 /var/www/clients/client1/web59/web/docker_folder
    and was able to edit files but then docker does not work, then if i set the permissions inside the docker container then i cannot edit files as client?
     
    senormedia, Mar 19, 2024
    #4
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Editing the same file inside and outside of a Docker container on Linux works only when the user inside and outside of the Docker container uses the same numeric UID (User ID). So the user that runs inside the Docker container and edits files there, which are available via a volume to him, must have the same UID as the web user of the website.
     
    till, Mar 19, 2024
    #5
  6. senormedia

    senormedia Member HowtoForge Supporter

    ok i got something its working and container works as well what i did was just get my user and group id with
    id -u web59
    id -g client1
    or log into ssh user and run ls -n
    then on my docker file
    websocket:
    image: docker_image/docker_image
    restart: always
    ports:
    - ${WEBSOCKET_PORT}:8080
    user: "${WEB_UID}:${CLIENT_GID}"

    not sure if this is the best approach but works
    Would it be possible to run docker on slaves from the ispconfig dashboard?
     
    senormedia, Mar 19, 2024
    #6
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    I'm working on a Docker module for iSPConfig already.
     
    till, Mar 19, 2024
    #7
    ahrasis likes this.

Share This Page