attach to remote docker container in visual studio code with user other than root

Question

I'm using VSCode with the Docker extension. I'm connecting to docker on a remote machine through SSH. When I click on a container in the docker extension and do "Attach Visual Studio Code" if the container was started with the root user then it attaches fine. If it was started with a different uid/gid then I get the following. Not that the image has the user and groups setup correctly from the dockerfile.

[4909 ms] 
[4910 ms] Start: Run in container: cat /etc/passwd
[4947 ms] User 33333:45678 not found in /etc/passwd.
[4948 ms] Start: Run in container: test -d /root/.vscode-server
[4982 ms] 
[4982 ms] 
[4982 ms] Exit code 1
[4982 ms] Start: Run in container: test -d /root/.vscode-remote
[5019 ms] 
[5019 ms] 
[5019 ms] Exit code 1
[5019 ms] Start: Run in container: set -o noclobber ; mkdir -p '/root/.vscode-server/data/Machine' && { > '/root/.vscode-server/data/Machine/.writeMachineSettingsMarker' ; } 2> /dev/null
[5057 ms] 
[5057 ms] mkdir: cannot create directory ‘/root’: Permission denied
[5058 ms] Exit code 1
[5059 ms] Start: Run in container: test -d /root/.vscode-server/bin/d5e9aa0227e057a60c82568bf31c04730dc15dcd
[5095 ms] 
[5096 ms] 
[5096 ms] Exit code 1
[5096 ms] Installing VS Code Server for commit d5e9aa0227e057a60c82568bf31c04730dc15dcd
[5096 ms] Start: Run in container: mkdir -p /root/.vscode-server/bin/d5e9aa0227e057a60c82568bf31c04730dc15dcd_1595365126276
[5133 ms] 
[5134 ms] mkdir: cannot create directory ‘/root’: Permission denied
[5134 ms] Exit code 1

Answer 1

If you have access to the machine running the Docker environment, you can connect to the remote machine through the Remote Explorer extension. Install Docker extension inside the machine. Then, use the official guide for this from Docker. This is the gist:

Create the docker group:

sudo groupadd docker

Add your user to the docker group.

sudo usermod -aG docker $USER

Log out and log back in so that your group membership is re-evaluated. If you’re running Linux in a virtual machine, it restart the virtual machine for changes to take effect.

Warning

The docker group grants root-level privileges to the user. For details on how this impacts security in your system, see Docker Daemon Attack Surface.

Answer 2

I solved a similar problem in a fairly brute-force way. I added a specific user directly in the Dockerfile (first defining the group they belong to):

RUN groupadd --gid $GID $GROUPNAME
RUN useradd --uid $UID --gid $GID -m $USERNAME

and then in the docker-compose added the following line under all services I wanted to log in to with that specific UID/GID:

user: $USERNAME

For docker-compose you will need first to export the username explicitely before building your containers:

export USERNAME="Max Mustermann"

(unless, of course, you're using your own local username, in which case just writing user: $USER without exporting anything is enough.

The reason for adding the user in the Dockerfile is that you want to have user data listed in /etc/passwd so that VSCode can pick them up. If you don't have access to Dockerfile you can also make a small shell script that is going to attach to the container as the default (root) user and add the desired UID/GID subsequently.

After this VSCode automatically attached to the container as that specific user.