generated from coop-cloud/example
Stable UIDs for PAM/UNIX users for Keycloak login
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
Ref https://github.com/WASHNote/washnote-apps/issues/67
This commit is contained in:
parent
4b50bb3ce2
commit
b97a7f679f
2
abra.sh
2
abra.sh
|
@ -1,4 +1,4 @@
|
||||||
export CUSTOM_ENTRYPOINT_VERSION=v7
|
export CUSTOM_ENTRYPOINT_VERSION=v7
|
||||||
export OIDC_CONF_VERSION=v1
|
export OIDC_CONF_VERSION=v1
|
||||||
export PAM_EXEC_OAUTH2_YAML_VERSION=v1
|
export PAM_EXEC_OAUTH2_YAML_VERSION=v1
|
||||||
export PAM_SCRIPT_AUTH_VERSION=v3
|
export PAM_SCRIPT_AUTH_VERSION=v4
|
||||||
|
|
|
@ -6,7 +6,13 @@ if [ -z "$PAM_USER" ]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if ! id "$PAM_USER" &>/dev/null; then
|
if ! id "$PAM_USER" &>/dev/null; then
|
||||||
adduser "$PAM_USER" --disabled-password --quiet --gecos ""
|
# NOTE(3wc): This generates a stable UID for the user based on the username;
|
||||||
|
# without it, UID→username mapping changes on every container restart, which
|
||||||
|
# creates file ownership issues and prevents RStudio from working.
|
||||||
|
# See https://github.com/WASHNote/washnote-apps/issues/67
|
||||||
|
uid=$(echo "$PAM_USER" | md5sum | grep -Eo "[[:digit:]]{3}" | head -n1)
|
||||||
|
uid=$((1000+uid))
|
||||||
|
adduser --uid="$uid" "$PAM_USER" --disabled-password --quiet --gecos ""
|
||||||
fi
|
fi
|
||||||
|
|
||||||
exit 0
|
exit 0
|
||||||
|
|
Loading…
Reference in New Issue