Why my entrypoint script doesn't take effect of umask value while starting?
up vote
0
down vote
favorite
After creating container umask value is correct i.e 027 but while container is starting inside entrypoint it displays the 002 which was set inside /etc/profile
Dockerfle
FROM alpine:3.8
ENV ENV='/home/deploy/.profile'
RUN set -ex
&& addgroup -g 1000 deploy
&& adduser -D -u 1000 -G deploy -s /bin/sh deploy
&& echo "umask 027" > /home/deploy/.profile
USER deploy
.
.
.
COPY entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm7","-F"]
entrypoint.sh
#!/bin/sh
set -ax
umask # it outputs 022 which I expect to be 027
exec "$@"
docker alpine-linux
|
show 3 more comments
up vote
0
down vote
favorite
After creating container umask value is correct i.e 027 but while container is starting inside entrypoint it displays the 002 which was set inside /etc/profile
Dockerfle
FROM alpine:3.8
ENV ENV='/home/deploy/.profile'
RUN set -ex
&& addgroup -g 1000 deploy
&& adduser -D -u 1000 -G deploy -s /bin/sh deploy
&& echo "umask 027" > /home/deploy/.profile
USER deploy
.
.
.
COPY entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm7","-F"]
entrypoint.sh
#!/bin/sh
set -ax
umask # it outputs 022 which I expect to be 027
exec "$@"
docker alpine-linux
2
/etc/profileand~/.profileare only loaded when the shell is a login shell. Docker'sRUNinstruction spawns a non-login shell by default. No profile ⇒ no umask.
– n.st
Nov 25 at 22:02
But I have not set the umask value through RUN. It is inside /home/deploy/.profile . and the USER is deploy. So you mean when entrypoint script gets executed while starting the container it is not a login shell. Please correct me if I am wrong.Thanks.
– SkyRar
Nov 25 at 22:42
Sorry, I meant to typeCMDinstead ofRUN. Based on the documentation, when Docker reaches yourCMD ["php-fpm7","-F"], it runs the entrypoint with theCMDas arguments like this:sh -c /entrypoint.sh php-fpm7 -F. Sincesh(which should beashon Alpine) isn't started as a login shell, it does not look at/home/deploy/.profileand the umask stays unchanged.
– n.st
Nov 25 at 22:57
This is all conjecture based on the documentation, as I don't have a Docker installation to test this on at the moment. To test it for yourself, you could modify yourentrypoint.shto output whether it's running in a login or non-login shell, though.
– n.st
Nov 25 at 22:59
Thanks I got it. Can you give me some pointers how can I run the entrypoint script as a login shell ? IsENTRYPOINT ["sh","-l","-c"]okay ?
– SkyRar
Nov 25 at 23:22
|
show 3 more comments
up vote
0
down vote
favorite
up vote
0
down vote
favorite
After creating container umask value is correct i.e 027 but while container is starting inside entrypoint it displays the 002 which was set inside /etc/profile
Dockerfle
FROM alpine:3.8
ENV ENV='/home/deploy/.profile'
RUN set -ex
&& addgroup -g 1000 deploy
&& adduser -D -u 1000 -G deploy -s /bin/sh deploy
&& echo "umask 027" > /home/deploy/.profile
USER deploy
.
.
.
COPY entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm7","-F"]
entrypoint.sh
#!/bin/sh
set -ax
umask # it outputs 022 which I expect to be 027
exec "$@"
docker alpine-linux
After creating container umask value is correct i.e 027 but while container is starting inside entrypoint it displays the 002 which was set inside /etc/profile
Dockerfle
FROM alpine:3.8
ENV ENV='/home/deploy/.profile'
RUN set -ex
&& addgroup -g 1000 deploy
&& adduser -D -u 1000 -G deploy -s /bin/sh deploy
&& echo "umask 027" > /home/deploy/.profile
USER deploy
.
.
.
COPY entrypoint.sh /
ENTRYPOINT ["/entrypoint.sh"]
CMD ["php-fpm7","-F"]
entrypoint.sh
#!/bin/sh
set -ax
umask # it outputs 022 which I expect to be 027
exec "$@"
docker alpine-linux
docker alpine-linux
edited Nov 25 at 21:32
asked Nov 25 at 20:59
SkyRar
99
99
2
/etc/profileand~/.profileare only loaded when the shell is a login shell. Docker'sRUNinstruction spawns a non-login shell by default. No profile ⇒ no umask.
– n.st
Nov 25 at 22:02
But I have not set the umask value through RUN. It is inside /home/deploy/.profile . and the USER is deploy. So you mean when entrypoint script gets executed while starting the container it is not a login shell. Please correct me if I am wrong.Thanks.
– SkyRar
Nov 25 at 22:42
Sorry, I meant to typeCMDinstead ofRUN. Based on the documentation, when Docker reaches yourCMD ["php-fpm7","-F"], it runs the entrypoint with theCMDas arguments like this:sh -c /entrypoint.sh php-fpm7 -F. Sincesh(which should beashon Alpine) isn't started as a login shell, it does not look at/home/deploy/.profileand the umask stays unchanged.
– n.st
Nov 25 at 22:57
This is all conjecture based on the documentation, as I don't have a Docker installation to test this on at the moment. To test it for yourself, you could modify yourentrypoint.shto output whether it's running in a login or non-login shell, though.
– n.st
Nov 25 at 22:59
Thanks I got it. Can you give me some pointers how can I run the entrypoint script as a login shell ? IsENTRYPOINT ["sh","-l","-c"]okay ?
– SkyRar
Nov 25 at 23:22
|
show 3 more comments
2
/etc/profileand~/.profileare only loaded when the shell is a login shell. Docker'sRUNinstruction spawns a non-login shell by default. No profile ⇒ no umask.
– n.st
Nov 25 at 22:02
But I have not set the umask value through RUN. It is inside /home/deploy/.profile . and the USER is deploy. So you mean when entrypoint script gets executed while starting the container it is not a login shell. Please correct me if I am wrong.Thanks.
– SkyRar
Nov 25 at 22:42
Sorry, I meant to typeCMDinstead ofRUN. Based on the documentation, when Docker reaches yourCMD ["php-fpm7","-F"], it runs the entrypoint with theCMDas arguments like this:sh -c /entrypoint.sh php-fpm7 -F. Sincesh(which should beashon Alpine) isn't started as a login shell, it does not look at/home/deploy/.profileand the umask stays unchanged.
– n.st
Nov 25 at 22:57
This is all conjecture based on the documentation, as I don't have a Docker installation to test this on at the moment. To test it for yourself, you could modify yourentrypoint.shto output whether it's running in a login or non-login shell, though.
– n.st
Nov 25 at 22:59
Thanks I got it. Can you give me some pointers how can I run the entrypoint script as a login shell ? IsENTRYPOINT ["sh","-l","-c"]okay ?
– SkyRar
Nov 25 at 23:22
2
2
/etc/profile and ~/.profile are only loaded when the shell is a login shell. Docker's RUN instruction spawns a non-login shell by default. No profile ⇒ no umask.– n.st
Nov 25 at 22:02
/etc/profile and ~/.profile are only loaded when the shell is a login shell. Docker's RUN instruction spawns a non-login shell by default. No profile ⇒ no umask.– n.st
Nov 25 at 22:02
But I have not set the umask value through RUN. It is inside /home/deploy/.profile . and the USER is deploy. So you mean when entrypoint script gets executed while starting the container it is not a login shell. Please correct me if I am wrong.Thanks.
– SkyRar
Nov 25 at 22:42
But I have not set the umask value through RUN. It is inside /home/deploy/.profile . and the USER is deploy. So you mean when entrypoint script gets executed while starting the container it is not a login shell. Please correct me if I am wrong.Thanks.
– SkyRar
Nov 25 at 22:42
Sorry, I meant to type
CMD instead of RUN. Based on the documentation, when Docker reaches your CMD ["php-fpm7","-F"], it runs the entrypoint with the CMD as arguments like this: sh -c /entrypoint.sh php-fpm7 -F. Since sh (which should be ash on Alpine) isn't started as a login shell, it does not look at /home/deploy/.profile and the umask stays unchanged.– n.st
Nov 25 at 22:57
Sorry, I meant to type
CMD instead of RUN. Based on the documentation, when Docker reaches your CMD ["php-fpm7","-F"], it runs the entrypoint with the CMD as arguments like this: sh -c /entrypoint.sh php-fpm7 -F. Since sh (which should be ash on Alpine) isn't started as a login shell, it does not look at /home/deploy/.profile and the umask stays unchanged.– n.st
Nov 25 at 22:57
This is all conjecture based on the documentation, as I don't have a Docker installation to test this on at the moment. To test it for yourself, you could modify your
entrypoint.sh to output whether it's running in a login or non-login shell, though.– n.st
Nov 25 at 22:59
This is all conjecture based on the documentation, as I don't have a Docker installation to test this on at the moment. To test it for yourself, you could modify your
entrypoint.sh to output whether it's running in a login or non-login shell, though.– n.st
Nov 25 at 22:59
Thanks I got it. Can you give me some pointers how can I run the entrypoint script as a login shell ? Is
ENTRYPOINT ["sh","-l","-c"] okay ?– SkyRar
Nov 25 at 23:22
Thanks I got it. Can you give me some pointers how can I run the entrypoint script as a login shell ? Is
ENTRYPOINT ["sh","-l","-c"] okay ?– SkyRar
Nov 25 at 23:22
|
show 3 more comments
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f484089%2fwhy-my-entrypoint-script-doesnt-take-effect-of-umask-value-while-starting%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
2
/etc/profileand~/.profileare only loaded when the shell is a login shell. Docker'sRUNinstruction spawns a non-login shell by default. No profile ⇒ no umask.– n.st
Nov 25 at 22:02
But I have not set the umask value through RUN. It is inside /home/deploy/.profile . and the USER is deploy. So you mean when entrypoint script gets executed while starting the container it is not a login shell. Please correct me if I am wrong.Thanks.
– SkyRar
Nov 25 at 22:42
Sorry, I meant to type
CMDinstead ofRUN. Based on the documentation, when Docker reaches yourCMD ["php-fpm7","-F"], it runs the entrypoint with theCMDas arguments like this:sh -c /entrypoint.sh php-fpm7 -F. Sincesh(which should beashon Alpine) isn't started as a login shell, it does not look at/home/deploy/.profileand the umask stays unchanged.– n.st
Nov 25 at 22:57
This is all conjecture based on the documentation, as I don't have a Docker installation to test this on at the moment. To test it for yourself, you could modify your
entrypoint.shto output whether it's running in a login or non-login shell, though.– n.st
Nov 25 at 22:59
Thanks I got it. Can you give me some pointers how can I run the entrypoint script as a login shell ? Is
ENTRYPOINT ["sh","-l","-c"]okay ?– SkyRar
Nov 25 at 23:22