From 4f4bb1866e4dfd0f71970e7756745d1b74265b64 Mon Sep 17 00:00:00 2001 From: Sebastian Davids Date: Tue, 24 Sep 2024 17:37:24 +0200 Subject: [PATCH 1/2] use uid:gid form for docker run -u Signed-off-by: Sebastian Davids --- README.adoc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.adoc b/README.adoc index 06ba3ca..7fb1307 100644 --- a/README.adoc +++ b/README.adoc @@ -70,11 +70,11 @@ The advantage of Podman is that it is more secure. It runs in user space and does not rely on a daemon. If you're running a Linux distribution that has SELinux enabled, like Fedora, you'll need to add the `:Z` (or `:z`) modifier to the volume mount. -You'll also want to add the `-u $(id -u)` option to instruct Docker to run the entrypoint command as the current user. +You'll also want to add the `-u "$(id -u):$(id -g)"` option to instruct Docker to run the entrypoint command as the current user/group. Otherwise, files will be written as root and thus hard to delete. Here's the command you'll use: - $ docker run -u $(id -u) -v $PWD:/antora:Z --rm -t antora/antora --stacktrace antora-playbook.yml + $ docker run -u "$(id -u):$(id -g)" -v $PWD:/antora:Z --rm -t antora/antora --stacktrace antora-playbook.yml When using Podman, the `-u` flag is not required since the container is already run in user space. @@ -93,7 +93,7 @@ This happens because the default cache dir resolves relative to the user's home You can fix this problem by setting the cache dir relative to the playbook when running Antora: - $ docker run -u $(id -u) -v $PWD:/antora:Z --rm -t \ + $ docker run -u "$(id -u):$(id -g)" -v $PWD:/antora:Z --rm -t \ antora/antora --cache-dir=./.cache --stacktrace antora-playbook.yml ==== -- GitLab From d06f17994a43d6faa766f2694cf7079aa00035e1 Mon Sep 17 00:00:00 2001 From: Sebastian Davids Date: Tue, 24 Sep 2024 17:37:36 +0200 Subject: [PATCH 2/2] typo and extra space https://www.merriam-webster.com/grammar/awhile-usage Signed-off-by: Sebastian Davids --- README.adoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.adoc b/README.adoc index 7fb1307..2680d48 100644 --- a/README.adoc +++ b/README.adoc @@ -79,7 +79,7 @@ Here's the command you'll use: When using Podman, the `-u` flag is not required since the container is already run in user space. $ podman run -v $PWD:/antora:Z --rm -t antora/antora --stacktrace antora-playbook.yml - + Although tempting, the `--privileged` flag is not needed. To learn more about using volume mounts with SELinux, see the blog post http://www.projectatomic.io/blog/2015/06/using-volumes-with-docker-can-cause-problems-with-selinux/[Using Volumes with Docker can Cause Problems with SELinux]. @@ -190,7 +190,7 @@ To build this image locally, use the following command: $ docker build --pull -t local/antora . -The build make take awhile to complete. +The build make take a while to complete. Once it's finished, you can use the image name `local/antora` (i.e., `local/antora:latest`) to run the container. == Copyright and License -- GitLab