Skip to content

Commit

Permalink
Added explicit creation of non-root
Browse files Browse the repository at this point in the history 
Added explicit creation of non-root to the dockerfile. In some situations (e.g., containerd on Kubernetes) the home directory for the user (/home/nonroot) isn't necessarily created when the image is loaded. In this case, things get tricky because the nonroot user doesn't seem to have write access to any other paths. Also, explicitly coding in the useradd seems to be best practice (though this is obviously less relevant).
  • Loading branch information
@jrussell9000
jrussell9000 committed Sep 16, 2024
1 parent 72c5eae commit 3ea3c00
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion Docker/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -221,6 +221,7 @@ RUN cd /fastsurfer ; python3 FastSurferCNN/download_checkpoints.py --all && \

# Set FastSurfer workdir and entrypoint
# the script entrypoint ensures that our conda env is active
RUN useradd -m -s /bin/bash -u 1000 -g 1000 nonroot
USER nonroot
WORKDIR "/fastsurfer"
ENTRYPOINT ["/fastsurfer/Docker/entrypoint.sh","/fastsurfer/run_fastsurfer.sh"]
Expand All @@ -232,4 +233,4 @@ FROM runtime AS runtime_cuda

ENV NVIDIA_VISIBLE_DEVICES=all \
NVIDIA_DRIVER_CAPABILITIES=compute,utility \
NVIDIA_REQUIRE_CUDA="cuda>=8.0"
NVIDIA_REQUIRE_CUDA="cuda>=8.0"

0 comments on commit 3ea3c00

Please sign in to comment.