Docker: Add matching groups for default users #2262

2025-10-05 16:57:17 +08:00 · 2022-04-18 19:12:26 +02:00
parent 9ad4351c4a
commit df6ca40a82
11 changed files with 51 additions and 67 deletions
--- a/docker/develop/armv7/Dockerfile
+++ b/docker/develop/armv7/Dockerfile
@@ -41,11 +41,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
    echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \
    echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \
    echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \
-    groupadd -f -r -g 44 video && \
-    groupadd -f -r -g 109 render && \
-    groupadd -f -g 1000 photoprism && \
-    useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \
-    chmod 777 /photoprism && \
    apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \
      apt-utils \
      gpg \
--- a/docker/develop/bullseye-slim/Dockerfile
+++ b/docker/develop/bullseye-slim/Dockerfile
@@ -35,11 +35,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
    echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \
    echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \
    echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \
-    groupadd -f -r -g 44 video && \
-    groupadd -f -r -g 109 render && \
-    groupadd -f -g 1000 photoprism && \
-    useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \
-    chmod 777 /photoprism && \
    apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \
      ca-certificates \
      jq \
--- a/docker/develop/bullseye/Dockerfile
+++ b/docker/develop/bullseye/Dockerfile
@@ -41,11 +41,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
    echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \
    echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \
    echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \
-    groupadd -f -r -g 44 video && \
-    groupadd -f -r -g 109 render && \
-    groupadd -f -g 1000 photoprism && \
-    useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \
-    chmod 777 /photoprism && \
    apt-get update && apt-get -qq dist-upgrade && \
    apt-get -qq install \
      apt-utils \
--- a/docker/develop/buster/Dockerfile
+++ b/docker/develop/buster/Dockerfile
@@ -41,11 +41,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
    echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \
    echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \
    echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \
-    groupadd -f -r -g 44 video && \
-    groupadd -f -r -g 109 render && \
-    groupadd -f -g 1000 photoprism && \
-    useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \
-    chmod 777 /photoprism && \
    apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \
      apt-utils \
      gpg \
--- a/docker/develop/impish/Dockerfile
+++ b/docker/develop/impish/Dockerfile
@@ -40,11 +40,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
    echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \
    echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \
    echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \
-    groupadd -f -r -g 44 video && \
-    groupadd -f -r -g 109 render && \
-    groupadd -f -g 1000 photoprism && \
-    useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \
-    chmod 777 /photoprism && \
    apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \
      apt-utils \
      gpg \
--- a/docker/develop/jammy/Dockerfile
+++ b/docker/develop/jammy/Dockerfile
@@ -40,11 +40,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
    echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \
    echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \
    echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \
-    groupadd -f -r -g 44 video && \
-    groupadd -f -r -g 109 render && \
-    groupadd -f -g 1000 photoprism && \
-    useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \
-    chmod 777 /photoprism && \
    apt-get update && apt-get -qq dist-upgrade && \
    apt-get -qq install \
      apt-utils \
--- a/docker/photoprism/armv7/Dockerfile
+++ b/docker/photoprism/armv7/Dockerfile
@@ -90,9 +90,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
    mv /opt/photoprism/sbin/gosu /usr/local/sbin/gosu && \
    chown root:root /usr/local/sbin/gosu && \
    chmod 755 /usr/local/sbin/gosu && \
-    groupadd -f -r -g 44 video && groupadd -f -r -g 109 render && groupadd -f -g 1000 photoprism && \
-    useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \
-    chmod 777 /photoprism && \
    apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \
      libc6 ca-certificates sudo bash tzdata \
      gpg zip unzip wget curl rsync make nano \
@@ -101,6 +98,14 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
      ffmpeg ffmpegthumbnailer libavcodec-extra libwebm1 \
      libmatroska7 libdvdread8 libebml5 libgav1-0 libatomic1 \
      libx264-163 libx265-199 && \
+    && \
+    echo 'alias ll="ls -alh"' >> /etc/skel/.bashrc && \
+    echo 'export PS1="\u@$DOCKER_TAG:\w\$ "' >> /etc/skel/.bashrc && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
+    cp /etc/skel/.bashrc /root/.bashrc && \
+    /scripts/create-users.sh && \
+    /scripts/cleanup.sh && \
+    cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \
    install -d -m 0777 -o 1000 -g 1000 \
      /var/lib/photoprism \
      /tmp/photoprism \
@@ -111,11 +116,8 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
      /photoprism/storage/albums \
      /photoprism/storage/backups \
      /photoprism/storage/config \
-      /photoprism/storage/cache \
-    && \
-    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
-    cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \
-    /scripts/cleanup.sh
+      /photoprism/storage/cache
+

 # define default directory and user
 WORKDIR /photoprism
--- a/docker/photoprism/buster/Dockerfile
+++ b/docker/photoprism/buster/Dockerfile
@@ -90,9 +90,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
    mv /opt/photoprism/sbin/gosu /usr/local/sbin/gosu && \
    chown root:root /usr/local/sbin/gosu && \
    chmod 755 /usr/local/sbin/gosu && \
-    groupadd -f -r -g 44 video && groupadd -f -r -g 109 render && groupadd -f -g 1000 photoprism && \
-    useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \
-    chmod 777 /photoprism && \
    apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \
      ca-certificates \
      jq \
@@ -117,6 +114,13 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
      libavcodec-extra \
    && \
    /scripts/install-darktable.sh && \
+    echo 'alias ll="ls -alh"' >> /etc/skel/.bashrc && \
+    echo 'export PS1="\u@$DOCKER_TAG:\w\$ "' >> /etc/skel/.bashrc && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
+    cp /etc/skel/.bashrc /root/.bashrc && \
+    /scripts/create-users.sh && \
+    /scripts/cleanup.sh && \
+    cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \
    install -d -m 0777 -o 1000 -g 1000 \
      /var/lib/photoprism \
      /tmp/photoprism \
@@ -127,11 +131,7 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
      /photoprism/storage/albums \
      /photoprism/storage/backups \
      /photoprism/storage/config \
-      /photoprism/storage/cache \
-    && \
-    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
-    cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \
-    /scripts/cleanup.sh
+      /photoprism/storage/cache

 # define default directory and user
 WORKDIR /photoprism
--- a/docker/photoprism/impish/Dockerfile
+++ b/docker/photoprism/impish/Dockerfile
@@ -89,9 +89,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
    mv /opt/photoprism/sbin/gosu /usr/local/sbin/gosu && \
    chown root:root /usr/local/sbin/gosu && \
    chmod 755 /usr/local/sbin/gosu && \
-    groupadd -f -r -g 44 video && groupadd -f -r -g 109 render && groupadd -f -g 1000 photoprism && \
-    useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \
-    chmod 777 /photoprism && \
    apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \
      ca-certificates \
      jq \
@@ -116,6 +113,13 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
      libavcodec-extra \
    && \
    /scripts/install-darktable.sh && \
+    echo 'alias ll="ls -alh"' >> /etc/skel/.bashrc && \
+    echo 'export PS1="\u@$DOCKER_TAG:\w\$ "' >> /etc/skel/.bashrc && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
+    cp /etc/skel/.bashrc /root/.bashrc && \
+    /scripts/create-users.sh && \
+    /scripts/cleanup.sh && \
+    cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \
    install -d -m 0777 -o 1000 -g 1000 \
      /var/lib/photoprism \
      /tmp/photoprism \
@@ -126,11 +130,7 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
      /photoprism/storage/albums \
      /photoprism/storage/backups \
      /photoprism/storage/config \
-      /photoprism/storage/cache \
-    && \
-    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
-    cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \
-    /scripts/cleanup.sh
+      /photoprism/storage/cache

 # define default directory and user
 WORKDIR /photoprism
--- a/docker/photoprism/jammy/Dockerfile
+++ b/docker/photoprism/jammy/Dockerfile
@@ -89,9 +89,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
    mv /opt/photoprism/sbin/gosu /usr/local/sbin/gosu && \
    chown root:root /usr/local/sbin/gosu && \
    chmod 755 /usr/local/sbin/gosu && \
-    groupadd -f -r -g 44 video && groupadd -f -r -g 109 render && groupadd -f -g 1000 photoprism && \
-    useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \
-    chmod 777 /photoprism && \
    apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \
      ca-certificates \
      jq \
@@ -116,6 +113,13 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
      libavcodec-extra \
    && \
    /scripts/install-darktable.sh && \
+    echo 'alias ll="ls -alh"' >> /etc/skel/.bashrc && \
+    echo 'export PS1="\u@$DOCKER_TAG:\w\$ "' >> /etc/skel/.bashrc && \
+    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
+    cp /etc/skel/.bashrc /root/.bashrc && \
+    /scripts/create-users.sh && \
+    /scripts/cleanup.sh && \
+    cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \
    install -d -m 0777 -o 1000 -g 1000 \
      /var/lib/photoprism \
      /tmp/photoprism \
@@ -126,11 +130,7 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \
      /photoprism/storage/albums \
      /photoprism/storage/backups \
      /photoprism/storage/config \
-      /photoprism/storage/cache \
-    && \
-    echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \
-    cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \
-    /scripts/cleanup.sh
+      /photoprism/storage/cache

 # define default directory and user
 WORKDIR /photoprism
--- a/scripts/dist/create-users.sh
+++ b/scripts/dist/create-users.sh
@@ -10,17 +10,29 @@ fi

 echo "Creating default users and groups..."

-groupadd -f -r -g 44 video
-groupadd -f -r -g 109 render
-groupadd -f -g 1000 photoprism
+groupadd -f -r -g 44 video 1>&2
+groupadd -f -r -g 109 render 1>&2
+
+groupdel -f 1000 >/dev/null 2>&1
+userdel -f photoprism >/dev/null 2>&1
+userdel -f 1000 >/dev/null 2>&1
+
+groupadd -f -g 1000 photoprism 1>&2
+useradd -N -o -u 1000 -g photoprism -G video,render -s /bin/bash -m -d "/home/photoprism" photoprism

 add_user()
 {
-  useradd -u "$1" -g photoprism -G video,render -s /bin/bash -m -d "/home/user-$1" "user-$1" 2>/dev/null
+  userdel -f "$1" >/dev/null 2>&1
+  groupdel -f "group-$1" >/dev/null 2>&1
+  groupdel -f "$1" >/dev/null 2>&1
+  groupadd -f -g "$1" "group-$1"
+  useradd -u "$1" -g "$1" -G photoprism,video,render -s /bin/bash -m -d "/home/user-$1" "user-$1" 2>/dev/null
 }

 for i in $(seq 50 99); do add_user "$i"; done
 for i in $(seq 500 549); do add_user "$i"; done
-for i in $(seq 1000 1099); do add_user "$i"; done
+for i in $(seq 1001 1099); do add_user "$i"; done
+
+chgrp -f -R 1000 /home

 echo "Done."