|
|
|
|
@ -34,7 +34,8 @@ func EntryPoint(command []string) error {
|
|
|
|
|
command = []string{"/bin/bash", "-i"}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uid, err := strconv.ParseInt(os.Getenv("WORKSPACE_USER"), 10, 64)
|
|
|
|
|
uidString := os.Getenv("WORKSPACE_USER")
|
|
|
|
|
uid, err := strconv.Atoi(uidString)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf(
|
|
|
|
|
"Failed to parse UID from WORKSPACE_USER env var with contents \"%s\". Error: %w",
|
|
|
|
|
@ -43,7 +44,7 @@ func EntryPoint(command []string) error {
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
dockerGid, err := strconv.ParseInt(os.Getenv("WORKSPACE_DOCKER_GID"), 10, 64)
|
|
|
|
|
dockerGid, err := strconv.Atoi(os.Getenv("WORKSPACE_DOCKER_GID"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fmt.Errorf(
|
|
|
|
|
"Failed to parse GID from WORKSPACE_DOCKER_GID env var with contents \"%s\". Error: %w",
|
|
|
|
|
@ -52,17 +53,17 @@ func EntryPoint(command []string) error {
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = syscall.Setgroups([]int{int(dockerGid)})
|
|
|
|
|
err = syscall.Setgroups([]int{dockerGid, sudoGid})
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = syscall.Setgid(int(uid))
|
|
|
|
|
err = syscall.Setgid(uid)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = syscall.Setuid(int(uid))
|
|
|
|
|
err = syscall.Setuid(uid)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
@ -83,7 +84,11 @@ func Run(detach bool, command []string) error {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
uid := strconv.Itoa(syscall.Getuid())
|
|
|
|
|
curUser, err := user.Current()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
home := os.Getenv("HOME")
|
|
|
|
|
dockerGroup, err := user.LookupGroup("docker")
|
|
|
|
|
if err != nil {
|
|
|
|
|
@ -94,7 +99,8 @@ func Run(detach bool, command []string) error {
|
|
|
|
|
"/bin/docker", "run", "--network=host",
|
|
|
|
|
"--workdir=" + workDir,
|
|
|
|
|
"-e", "DISPLAY=" + os.Getenv("DISPLAY"),
|
|
|
|
|
"-e", "WORKSPACE_USER=" + uid,
|
|
|
|
|
"-e", "WORKSPACE_USER=" + curUser.Uid,
|
|
|
|
|
"-e", "WORKSPACE_USERNAME=" + curUser.Name,
|
|
|
|
|
"-e", "WORKSPACE_DOCKER_GID=" + dockerGroup.Gid,
|
|
|
|
|
"-e", "HOME=" + home,
|
|
|
|
|
"-h", os.Getenv("HOSTNAME"),
|
|
|
|
|
@ -109,11 +115,11 @@ func Run(detach bool, command []string) error {
|
|
|
|
|
"-v", home + ":" + home,
|
|
|
|
|
"-e", "SSH_AGENT_LAUNCHER=" + os.Getenv("SSH_AGENT_LAUNCHER"),
|
|
|
|
|
"-e", "SSH_AUTH_SOCK=" + os.Getenv("SSH_AUTH_SOCK"),
|
|
|
|
|
"-e", "PULSE_SERVER=unix:/run/user/" + uid + "/pulse/native",
|
|
|
|
|
"-e", "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/" + uid + "/bus",
|
|
|
|
|
"-e", "PULSE_SERVER=unix:/run/user/" + curUser.Uid + "/pulse/native",
|
|
|
|
|
"-e", "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/" + curUser.Uid + "/bus",
|
|
|
|
|
"-e", "TERM=" + os.Getenv("TERM"),
|
|
|
|
|
"-v", "/tmp/.X11-unix:/tmp/.X11-unix",
|
|
|
|
|
"-v", "/run/user/" + uid + ":/run/user/" + uid,
|
|
|
|
|
"-v", "/run/user/" + curUser.Uid + ":/run/user/" + curUser.Uid,
|
|
|
|
|
"-v", "/dev/snd",
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@ -207,7 +213,7 @@ func main() {
|
|
|
|
|
&detach,
|
|
|
|
|
"detach",
|
|
|
|
|
false,
|
|
|
|
|
"Whether or not to detach from the container afnter running the command",
|
|
|
|
|
"Whether or not to detach from the container after running the command",
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
switch cmd {
|
|
|
|
|
|
