-
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathinstall.sh
executable file
·109 lines (94 loc) · 3.1 KB
/
install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
#!/bin/sh
error() {
echo "$*" >&2
exit 1
}
set -eu
current_uid="$(id -u)"
if [ "${current_uid}" != 0 ]; then
error "This script must be run as root."
fi
unset current_uid
if ! command -v curl >/dev/null && ! command -v wget >/dev/null; then
error "This script needs curl or wget installed."
fi
fixdockergid_dir=/usr/local/share/fixdockergid
mkdir -p "${fixdockergid_dir}"
cd "${fixdockergid_dir}"
_fixdockergid_filename='_fixdockergid'
if [ -f "${_fixdockergid_filename}" ]; then
# Used when building fixdockergid's Dockerfile
echo "Using existing ${fixdockergid_dir}/${_fixdockergid_filename}"
else
if [ -z "${FIXDOCKERGID_VERSION:-}" ]; then
error "The FIXDOCKERGID_VERSION environment variable must be set."
fi
echo "Downloading ${_fixdockergid_filename} to ${fixdockergid_dir}/${_fixdockergid_filename}"
_fixdockergid_url="https://github.com/felipecrs/fixdockergid/releases/download/v${FIXDOCKERGID_VERSION}/_fixdockergid.linux_$(dpkg --print-architecture)"
if command -v curl >/dev/null; then
curl -fsSL -o "${_fixdockergid_filename}" "${_fixdockergid_url}"
else
wget -q -O "${_fixdockergid_filename}" "${_fixdockergid_url}"
fi
fi
chown root:root "${_fixdockergid_filename}"
chmod 4755 "${_fixdockergid_filename}"
## Install fixuid
if ! command -v fixuid >/dev/null; then
if [ -z "${USERNAME:-}" ]; then
error "The USERNAME environment variable must be set."
fi
if ! getent passwd "${USERNAME}" >/dev/null; then
error "The user ${USERNAME} does not exist."
fi
GROUPNAME="${GROUPNAME:-"${USERNAME}"}"
if ! getent group "${GROUPNAME}" >/dev/null; then
error "The group ${GROUPNAME} does not exist."
fi
fixuid_version='0.6.0'
echo "Installing fixuid v${fixuid_version}"
fixuid_url="https://github.com/boxboat/fixuid/releases/download/v${fixuid_version}/fixuid-${fixuid_version}-linux-$(dpkg --print-architecture).tar.gz"
fixuid_filename='fixuid.tar.gz'
if command -v curl >/dev/null; then
curl -fsSL -o "${fixuid_filename}" "${fixuid_url}"
else
wget -q -O "${fixuid_filename}" "${fixuid_url}"
fi
fixuid_dir='/usr/local/bin'
tar -C "${fixuid_dir}" -xzf "${fixuid_filename}"
rm -f "${fixuid_filename}"
fixuid_binary="${fixuid_dir}/fixuid"
chown root:root "${fixuid_binary}"
chmod 4755 "${fixuid_binary}"
mkdir -p /etc/fixuid
printf "%s\n" "user: ${USERNAME}" "group: ${GROUPNAME}" >/etc/fixuid/config.yml
fi
fixdockergid_binary='/usr/local/bin/fixdockergid'
echo "Installing fixdockergid to ${fixdockergid_binary}"
tee "${fixdockergid_binary}" >/dev/null \
<<EOF
#!/bin/sh
set -eu
if [ "\${FIXDOCKERGID_DEBUG:-}" = "true" ]; then
set -x
fixuid_flags=""
else
fixuid_flags="-q"
fi
# Skip if running as root
current_uid="\$(id -u)"
if [ "\${current_uid}" = 0 ]; then
exec "\$@"
fi
unset current_uid
'${fixdockergid_dir}/${_fixdockergid_filename}'
exec fixuid \${fixuid_flags} -- "\$@"
EOF
chmod +x "${fixdockergid_binary}"
echo "Ensuring docker group exists"
if ! getent group docker >/dev/null; then
groupadd -r docker
fi
echo "Ensuring ${USERNAME} is part of docker group"
usermod -a -G docker "${USERNAME}"
echo "fixdockergid installation done."