In the vast world of Linux, it is important to take security measures to ensure you don’t lose your valuable data. In many cases, it doesn’t have to be a random stranger trying to wipe off your hard disk, but you yourself could be enough for that. In order to prevent users from unwillingly wiping off data, and or causing other harm to the overall system by running malicious scripts and programs, regular users and administrative users (root) are divided and have separately allocated privileges.
When a regular user tries to run a command that requires root privileges, they need to use the sudo command. However, many users have reported that they are unable to use this important command inside their docker images.
Which is why, in this article, we’ll try our best to give you the solution you’d need to fix this, and get the command running in your docker image!
Why is the sudo command not found in docker?
By default, docker images do not contain the sudo package. This is because when you first install a docker image and run a container, you are logged in as the root user.
To keep the images as lightweight as possible, any unnecessary packages are removed, which is the case for the sudo command as well. As you’re logged in as the root user, the sudo command is not required, unless you explicitly create a new user and give administrative privileges to that user. Moreover, it is a common mistake to include sudo commands inside a Dockerfile to update the image after it’s installed.
If you don’t bother about using a root user or a regular user, and just want to get the job done, simply omit any traces of sudo when you write out commands in your Dockerfile, or simply when running commands from inside the running container. If you want to use it, however, by means of first creating a user and then installing the sudo package, the following sections will help you on that.
Create a User before installing Sudo
Before you install the sudo package in your container, you should first create a user, so it makes more sense to use the sudo command by any means. Different distributions may use different commands for creating a user. For now, I’ll mention 2 most commonly used distributions for Docker containers, Alpine Linux and Ubuntu.
Create a user in Alpine Linux Container
To create a user in Alpine Linux, you’d use the adduser command:
$ adduser -g "<username>" <username>
Replace <username> with the name of your choice, but you’d want to make sure it’s all in lowercase letters, and does not contain any special characters. By default, you should be prompted to enter a password for the user you are creating, and a home directory will be created with the username you had assigned.
Once the user has been created, add it to the wheel group so that this user can later on use the sudo command to achieve administrative privileges once the sudo command is installed and configured. Do this by running:
$ adduser <username> wheel
Create a user in Ubuntu Container
In Ubuntu, you can use the very same adduser command with the same procedure as before. But there’s also another different command you can you, which is called useradd (the plainly opposite version of adduser). However, the procedure for using this command is slightly different.
First, create the user by running the following command inside your container’s terminal:
$ useradd -m <username>
As always, replace the <username> with your desired name for the user. Note the -m flag. It is responsible for creating the home directory of your user. Also, you’ll not be prompted to assign a password for your user this time around. Instead, you need to use the passwd command to do so:
$ passwd <username>
Once you’re done inserting the password, it is time for you to add the user in the sudo group, which will allow your user to use the sudo command later on once installed. To do this, run the following line of command:
$ usermod -aG sudo <username>
Install sudo command inside docker image
As soon as you’ve made sure that the user is properly created, you may now install sudo by running the commands in order, which are listed under the name of your container’s Distribution:
In Ubuntu Image
$ apt update
$ apt install sudo
In Arch Linux Image
$ pacman -Syu
$ pacman -S sudo
In Alpine Linux Image
$ apk update
$ apk install sudo
Once installed, you should now test the sudo command by first entering the user you created with:
$ su <username>
and then checking whether you can execute any commands with sudo:
$ sudo apt update # (if you're in Ubuntu)
$ sudo apk update # (if you're in Alpine)
$ sudo pacman -Syu # (if you're in Arch)
Install sudo using a Dockerfile
If you want to install sudo from inside a Dockerfile, you can simply do so by using the package manager. If you also want to create the user from inside the Dockerfile, it is better to create one without a password, and later assign one once the image has been built. A demo Dockerfile for creating an Alpine Linux image, with a user created and sudo installed should look like this:
RUN apk update && apk upgrade
RUN adduser -D <username>
RUN apk add sudo
After building an image with the above Dockerfile, you should first run the container and enter it, so that you can add a password for the user and then also add the user to the sudo group, by using the methods mentioned previously.
Hopefully, you should now be able to use the sudo command inside your docker container!