1

I have an Azure Container Instance that has a non root user as default. For debugging and experimentation, I'd like to exec into the container like you would with a normal docker container: docker exec -u root ..., so that I have sudo permissions in the container. As detailed in Interacting with a container in Azure Container Instances, you can run exec commands through az container exec ..., but as was mentioned in Christian's answer, https://stackoverflow.com/a/50334426/17129046, there doesn't seem to be a way to add extra parameters, not just for the program being run, but there also doesn't seem to be support for any of the additional options you'd have with docker exec, including the -u option to change the user that logs in to the container when running docker exec -u root ... '/bin/bash'.

I have tried using su in the container, but it prompts for a password, and I don't know what that password would be, since the dockerfile that created the image this ACI uses doesn't set a password as far as I know (The image is created via bentoml). The default user is called bentoml. Result from running id:

uid=1034(bentoml) gid=1034(bentoml) groups=1034(bentoml)

Is there a workaround for this? Maybe a way to ssh into the container as root?

Jason Lunder
  • 58
  • 6

1 Answers1

-1

I tried to reproduce the issue and got the below output

I have pulled the docker image from the docker hub using below command

   docker pull <image_name>

While pulling the image from docker we need to give the credentials if it ask

enter image description here

I have run the image using below command

docker run -it <image_id> /bin/bash

enter image description here

Here the container is running and I am not able to use root user commands

For accessing container as root use the below command

docker run -u 0 -it image_id /bin/bash

Here I can able to install all root packages now

enter image description here

You can use this docker file for setting the no password then it won't ask any password

RUN apt-get update \
 && apt-get install -y sudo

RUN adduser --disabled-password --gecos '' docker
RUN adduser docker sudo
RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers

USER docker
Komali Annem
  • 649
  • 1
  • 1
  • 7
  • 1
    I am trying to access root on an existing Azure Container Instance (ACI). I can't access it via docker exec, docker run, or any other docker command, as I detailed in the question, because is an Azure Container Instance and is therefore not locally hosted. I can access the container via `az container exec`, but I cannot add extra arguments like `-u` that change the user. A workaround like a way to set up a ssh connection for an ACI might work, and changing the dockerfile to have no password for root might also work, but that would involve rebuilding the image and recreating the container. – Jason Lunder Oct 13 '22 at 16:14
  • Please run the container first using **`docker run -d --name "container_id" "image_name" sleep 1000`** till this time container will run and execute using **`docker exec -u 0 -it "container_id"/bin/bash`** it will work as a root user, Please check below for reference ![enter image description here](https://i.imgur.com/1OuM9HN.png) – Komali Annem Oct 14 '22 at 12:24