Reputation: 161
How to set user name in container of kubernetes pod?
I have a following pod yaml to run a pod with security context where runAsUser and runAsGroup are set.
apiVersion: v1
kind: Pod
metadata:
name: test
spec:
containers:
- name: test
image: ubuntu:18.04
command: ["sleep", "10d"]
securityContext:
runAsUser: 1002
runAsGroup: 2002
When I exec into the container, it says:
$ k exec -it test -- bash
groups: cannot find name for group ID 2002
I have no name!@test:/$
whoami command is also not working:
I have no name!@test:/$ whoami
whoami: cannot find name for user ID 1002
Here I need to set username for given uid(uid is not fixed so can't create image with a specific username).
Does kubernetes provide any option to set username?
Upvotes: 3
Views: 13578
Answers (1)
Reputation: 160003
No. The username (if any) is determined by looking up the numeric user ID in the container's /etc/passwd file (if any), and Kubernetes doesn't try to modify that file.
There aren't really any consequences to the user ID not existing in /etc/passwd, beyond getting this cosmetic error message in the unusual case of a debugging shell. Filesystem permissions are set and enforced only based on the numeric user and group IDs. So, for example, if you mount a PersistentVolumeClaim with an additional fsGroup: setting, that's based only on a numeric group ID, and again, it's irrelevant whether or not that actually exists in the container's /etc/groups file.
Upvotes: 3
Related Questions
- How to change the name of a user in kube config file with kubectl?
- How to add an username when create a k8s pod
- Can we provide a User Name that needs to be run as by a pod/containers in kubernetes?
- How to get user uid and name used in docker image
- Kubernetes can not list pods as user
- How to change users in kubectl?
- How to get the uid and group id for an existing kubernetes username?
- How to create a user in a Kubernetes cluster?
- Kubernetes: Linux user management
- How to add or introduce a kubernetes normal user?