finish removing files from $HOME #388
Conversation
| RUN mkdir /home/$NB_USER/work && \ | ||
| echo "cacert=/etc/ssl/certs/ca-certificates.crt" > /home/$NB_USER/.curlrc | ||
| # Setup work directory for backward-compatibility | ||
| RUN mkdir /home/$NB_USER/work |
There was a problem hiding this comment.
Is there anything else in docker-stacks using this at this point or is this of concern for some known downstream use cases?
There was a problem hiding this comment.
Is there anything else in docker-stacks using this
No, this directory is deliberately created and left empty, so that it might be mounted as a volume. Nothing is done with it in docker-stacks.
is this of concern for some known downstream use cases?
juptyerhub-deploy-docker uses this by default, but since it mounts it as a volume, it probably wouldn't be affected. We can possibly get away with removing the directory without harming anything I know of, at least.
There was a problem hiding this comment.
~/work is configured as the default notebook-dir both so that it could be mounted without disturbing all of the files in the home directory and to avoid cluttering the notebook dashboard page.
|
Would it make sense to make |
datascience-notebook/Dockerfile
Outdated
| echo "push!(Libdl.DL_LOAD_PATH, \"$CONDA_DIR/lib\")" >> /usr/etc/julia/juliarc.jl && \ | ||
| # Create JULIA_PKGDIR \ | ||
| mkdir $JULIA_PKGDIR && \ | ||
| chown -R $NB_USER:users $JULIA_PKGDIR |
There was a problem hiding this comment.
Also need to add a chown of this directory to the start-notebook.sh script as well in order to support NB_USER and (as of #387) NB_GID at docker run time. Look for the similar chown for the conda root directory.
There was a problem hiding this comment.
👍 done. #387 removed the chown of ., which means that $HOME won't have the right permissions in this case, will it? Should I put that back, as well?
There was a problem hiding this comment.
@minrk I missed your comment because GitHub folded the diff after your update to the PR. Yes, I think the . was removed by mistake and I missed it in code review. I'll send a follow-on with it.
There was a problem hiding this comment.
That . used to resolve to $HOME/work. Long ago, we chmod'ed all of $HOME instead until someone pointed out that when $HOME is a host-mounted user home directory, the logic in the startup script could potentially wind up breaking ownership on the host-mounted files if $NB_USER is set poorly. I don't really see around this, however, if we want ownership set correctly from the container perspective.
- mplimporthook should be obsolete with matplotlib 2.0 - curlrc seems to be obsolete now (updates to base image?) - set WORKDIR to $HOME instead of $HOME/work (leave work there for compatibility)
minrk
force-pushed
the
nothing-in-home
branch
2 times, most recently
from
c283fb1 to
276c10d
Compare
|
Is this mergeable now? |
follow-up to #386
compatibility)
There are still a couple of artefacts in $HOME, but nothing that would suffer from being wiped out due to $HOME being mounted as a fresh volume.
cc @yuvipanda
closes #331