1

This might be a stupid question, but I am going to ask it anyways...

I would like to be a superuser in the container if I run docker exec -it <container> /bin/bash.

<container> is a container that is built on a fedora-base-image which seems to assign me a user with non-sudo capabilities.

Question: Is there a way to still become superuser in my new image, if it was based on such an image?

Why do I want this? I would like to run gdb attach in this container, which gives me ptrace: Operation not permitted. I already tried to do docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined --security-opt apparmor=unconfined (compare here), which did not work. So my next guess would be to try this as super-user, as recommended in the same post.

Improve this question

2 Answers 2

Reset to default
1

with docker run you can pass the user flag. 

-u, --user string Username or UID (format: <name|uid>[:<group|gid>])

I believe the UID of root should be 0, so I think any of -u root -u 0 -u root:root should work?

If you're building a Dockerfile you can also add USER root to your dockerfile to switch users.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

A quick workaround that also worked was to use a multi-stage build, start off as sudo in the first build, do RUN sudo chmod +s /usr/bin/gdb and then use COPY in the second stage to get gdb with permissions from the first stage.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.