-
Notifications
You must be signed in to change notification settings - Fork 385
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add node-red user to dailout group #154
Comments
yes - create a dialout branch, etc |
Test images & Manifest lists are available here |
There is already an existing option with docker or docker-compose 2.0 to add a user to a group, see https://docs.docker.com/engine/reference/run/#additional-groups |
Yes - very useful. The question is should we do it by default ? Or should we just document alternatives (like this) |
Can you really do it by default ? I'm not a docker expert, but how can you be sure that the dialout gid from the image will be the same than the host one ? |
We can not be sure that the |
so the suggestion to do it via command line would be safer in that it would match by name ? |
In case of grep dialout /etc/group So changing to group However when current users have set there persistence dir to Which basically means that all users will be affected by the change and need to chown -R 1000:20 <path_to_persistence_dir> So in my opinion we leave as is ( Or we add New images are available at nodered/node-red-dev and they are tagged by * @tms0 can you verify if serial works with these images? |
In my opinion, I prefer to let users do the mapping themself between things from the OS and things from the container. But adding dialout as a secondary group seems acceptable to me, I will give it a try @RaymondMouthaan . |
I have a solution in mind, but that requires significant changes to the node-red container. I've not yet got the time to create a experimental version to do so, but if it's ready I'll let you know 😌 |
FYI On my intel-nuc (Intel(R) Client Systems NUC6CAYS) running CentOS Linux 8 the dialout group has id 18 on the host and not 20 !
Note that I am not requesting this feature. Above information is just provided for consideration when making any changes. |
Just in case helpful for others... They've merged the v2/v3 compose specs which brings back the services element group_add. This was in v2 and removed in v3 releases. So if you install docker-compose 1.27.0+ and are running Docker Engine 19.03.0+
instead of and node-red user will be in both groups:
|
Nice! Thanks for sharing @emes! |
Add
node-red
user todailout
group by default instead of node-red group.From Debian Wiki:
In current images, node-red user has it's own group
node-red
, which has no permissions to serial. To gain permission to serial, one needs to add --usernode-red:dailout
to the docker run command or equivalent in docker compose file.We might want to add
node-red
user to thedailout
group, so that above is no longer required and node-red has permission toserial
by default.However, current users might get permission issues with the persistent dir, because of current group.
Do all architectures have
dailout
group available?[ √ ] amd64/alpine
[ √ ] arm32v6/alpine
[ √ ] arm32v7/alpine
[ √ ] arm64v8/alpine
[ √ ] i386/alpine
[ √ ] s390x/alpine
Proposal: create a feature branch for this change and do some tests.
The text was updated successfully, but these errors were encountered: