-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathentrypoint.sh
More file actions
executable file
·63 lines (50 loc) · 2.86 KB
/
entrypoint.sh
File metadata and controls
executable file
·63 lines (50 loc) · 2.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
#!/bin/bash
set -e
# This script runs as root. It prepares the environment for the non-root user.
# The USER_ID and GROUP_ID variables are passed in from the docker run command.
# Default to 1000 if they are not provided.
USER_ID=${HOST_USER_ID:-1000}
GROUP_ID=${HOST_GROUP_ID:-1000}
USERNAME="cros-builder"
echo "--- Entrypoint: Starting with UID: $USER_ID, GID: $GROUP_ID ---"
# Create or reuse the group with the specified GID
if getent group "${GROUP_ID}" >/dev/null 2>&1; then
GROUP_NAME="$(getent group "${GROUP_ID}" | cut -d: -f1)"
else
GROUP_NAME="${USERNAME}-group"
groupadd -g "${GROUP_ID}" "${GROUP_NAME}"
fi
# Create or update the user with the specified UID and GID
if id -u "${USERNAME}" >/dev/null 2>&1; then
usermod -o -u "${USER_ID}" -g "${GROUP_ID}" -s /bin/bash -d "/home/${USERNAME}" "${USERNAME}"
else
useradd --shell /bin/bash --uid "${USER_ID}" --gid "${GROUP_ID}" --non-unique --comment "" --create-home "${USERNAME}"
fi
# Grant sudo privileges to the new user (passwordless)
usermod -aG sudo "${USERNAME}"
echo "${USERNAME} ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/99-${USERNAME}
chmod 440 /etc/sudoers.d/99-${USERNAME}
# Fix ownership of the user's home directory while preserving chroot ownership
mkdir -p "/home/${USERNAME}/fydeos-project"
# Ensure the home directory itself is owned by the user
chown "${USER_ID}:${GROUP_ID}" "/home/${USERNAME}"
# Chown everything in the home except the project mount (to avoid touching chroot later)
find "/home/${USERNAME}" -mindepth 1 -maxdepth 1 -not -path "/home/${USERNAME}/fydeos-project" -exec chown -R "${USER_ID}:${GROUP_ID}" {} + 2>/dev/null || true
# Fix mount permissions and create cache directories
if [ -d "/home/${USERNAME}/fydeos-project" ]; then
# Create cache directories with proper ownership
mkdir -p "/home/${USERNAME}/fydeos-project/.cache" "/home/${USERNAME}/fydeos-project/.ccache" || true
# Chown project contents except the chroot (cros_sdk manages chroot permissions)
find "/home/${USERNAME}/fydeos-project" -mindepth 1 -maxdepth 1 -not -path "/home/${USERNAME}/fydeos-project/chroot" -exec chown -R "${USER_ID}:${GROUP_ID}" {} + 2>/dev/null || true
# Ensure cache directories are writable
chown -R "${USER_ID}:${GROUP_ID}" "/home/${USERNAME}/fydeos-project/.cache" "/home/${USERNAME}/fydeos-project/.ccache" 2>/dev/null || true
fi
# Set up environment variables for the user
echo "export CCACHE_DIR=/home/${USERNAME}/fydeos-project/.ccache" >> /home/${USERNAME}/.bashrc
echo "export CCACHE_MAXSIZE=50G" >> /home/${USERNAME}/.bashrc
echo "export PATH=/home/${USERNAME}/depot_tools:\$PATH" >> /home/${USERNAME}/.bashrc
echo "umask 022" >> /home/${USERNAME}/.bashrc
# Drop privileges and execute the main command passed to the container
# (which is fydeos_build_script.sh by default).
# The "$@" passes along all arguments from the CMD line.
exec /usr/local/bin/gosu "${USERNAME}" "$@"