sudo: you do not exist in the passwd database

What do I have:

FROM ubuntu:20.04
ENV DEBIAN_FRONTEND=noninteractive
RUN apt update -y \
    && apt install -y --no-install-recommends \
        sudo \
    && adduser --disabled-password --gecos "" --uid 1000 runner \
    && groupadd docker \
    && usermod -aG sudo runner \
    && usermod -aG docker runner \
    && echo "%sudo ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers
USER runner
RUN sudo usermod -u 1001 runner && sudo groupmod -g 121 runner

Building this Dockerfile results in an error:

sudo: you do not exist in the passwd database

If I split the last RUN into two RUNs, there is no error:

FROM ubuntu:20.04
ENV DEBIAN_FRONTEND=noninteractive
RUN apt update -y \
    && apt install -y --no-install-recommends \
        sudo \
    && adduser --disabled-password --gecos "" --uid 1000 runner \
    && groupadd docker \
    && usermod -aG sudo runner \
    && usermod -aG docker runner \
    && echo "%sudo ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers
USER runner
RUN sudo usermod -u 1001 runner
RUN sudo groupmod -g 121 runner

Why is this happening?

1 Answer

In RUN sudo usermod -u 1001 runner && sudo groupmod -g 121 runner, Docker starts an sh process as the runner user, which runs these commands. The first command changes the UID of that user. But the sh process still uses the old ID, and so, when it tries to run the second command, it is trying to run sudo with a UID that no longer exists in the passwd database. When you split them into two RUN commands, Docker starts a new sh process for the second RUN, which uses the new UID.

I don't have a solution for this, since I don't know why you're doing something like this. I'd advise against randomly changing UIDs of a user while still running processes as that user. sudo isn't the only tool that won't like it.
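
The mechanism described in the answer can be replayed without Docker. This is an added example, not part of the original question or answer: it models sudo's passwd lookup with awk over a constructed passwd file, and all function names in it are hypothetical.

```shell
#!/bin/sh
# Constructed sample passwd database: runner starts at UID 1000.
make_passwd() {
    printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
        'runner:x:1000:1000::/home/runner:/bin/bash' > "$1"
}

# Model of the UID-to-name lookup sudo does for the calling process:
# print the account name for UID $2 in passwd file $1, or fail.
name_for_uid() {
    awk -F: -v uid="$2" \
        '$3 == uid { print $1; found = 1; exit } END { exit !found }' "$1"
}

# Stand-in for `usermod -u NEW NAME`: rewrite only the UID field.
change_uid() {
    awk -F: -v OFS=: -v name="$2" -v new="$3" \
        '$1 == name { $3 = new } { print }' "$1" > "$1.tmp" && mv "$1.tmp" "$1"
}

# Stand-in for sudo's start-up check for a process whose real UID is $2.
sudo_check() {
    if name_for_uid "$1" "$2" >/dev/null; then
        echo "ok"
    else
        echo "sudo: you do not exist in the passwd database"
    fi
}

# One RUN: a single sh process keeps its start-up UID for every command.
replay_single_run() {
    db=$(mktemp); make_passwd "$db"
    shell_uid=1000                            # UID the sh process started with
    first=$(sudo_check "$db" "$shell_uid")    # sudo usermod ...: lookup succeeds
    change_uid "$db" runner 1001              # effect of usermod -u 1001 runner
    second=$(sudo_check "$db" "$shell_uid")   # sudo groupmod ...: UID 1000 is gone
    rm -f "$db"; echo "$first|$second"
}

# Two RUNs: the second shell starts with whatever UID runner has by then.
replay_split_run() {
    db=$(mktemp); make_passwd "$db"
    first=$(sudo_check "$db" 1000)
    change_uid "$db" runner 1001
    new_uid=$(awk -F: '$1 == "runner" { print $3 }' "$db")
    second=$(sudo_check "$db" "$new_uid")
    rm -f "$db"; echo "$first|$second"
}

replay_single_run
replay_split_run
```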
