From c5168cbfd401f3c2875d3c5ea1479182e9fc707f Mon Sep 17 00:00:00 2001 From: "nikita.smirnov" Date: Mon, 8 Jul 2024 13:25:23 +0400 Subject: [PATCH] added `umask 0007` to `~/.bashrc` file --- Dockerfile | 5 ++--- README.md | 15 +++++++++++++++ .../jupyter-notebook/Dockerfile | 5 +++-- .../with-jupyter-notebook/user_data/.gitignore | 1 - 4 files changed, 20 insertions(+), 6 deletions(-) delete mode 100644 local-run/with-jupyter-notebook/user_data/.gitignore diff --git a/Dockerfile b/Dockerfile index 7aa1bfd..2729076 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,9 +9,7 @@ COPY . /app # groupadd --system - create a system account # useradd --system - create a system account # useradd --gid - name or ID of the primary group of the new account -# usermod --append - append the user to the supplemental GROUPS mentioned by the -G/--groups option without removing the user from other groups -# usermod --groups - new list of supplementary GROUPS -RUN groupadd --system json-stream && useradd --system --gid json-stream --uid 1000 json-stream && usermod --append --groups users json-stream +RUN useradd --system --gid users --uid 1000 json-stream ENV TH2_CFG_DIR="/app/var/th2/config/" ENV HOME="/home/json-stream" @@ -41,6 +39,7 @@ ENV PYTHONPATH="${PYTHONPATH}:${PYTHON_LOCAL_LIB_PATH}:${PYTHON_SHARED_LIB_PATH} ENV PIP_CONFIG_FILE="${HOME}/.pip/pip.conf" RUN mkdir -p "${PYTHON_SHARED_LIB_PATH}" +RUN echo 'umask 0007' >> "${HOME}/.bashrc" ENTRYPOINT ["python", "/app/server.py"] CMD ["/var/th2/config/custom.json"] \ No newline at end of file diff --git a/README.md b/README.md index 06905dd..89edeb2 100644 --- a/README.md +++ b/README.md @@ -83,6 +83,20 @@ You can put required files for you jupyter notebooks into `local-run/with-jupyte Or you can mount own folder by changing value of `USER_DATA_DIR` environment variable in the `local-run/with-jupyter-notebook/.evn` file.
Or change the `local-run/with-jupyter-notebook/compose.yml` file. Please note you should mount the same dictionary by the same path to `jupyter_notebook` and `json_stream_provider` services. +### provide permission for `local-run/with-jupyter-notebook/user_data` folder +`jupyter-notebook` and `json-stream-provider` use user from default linux `users` group. +It means that: +* `user_data` folder internal folder should have `rwx` permission for `users` group. +* files in `user_data` folder should have `rw` permission for `users` group. + +Perhaps you will need sudo permission for the next commands + +```shell +cd local-run/with-jupyter-notebook +chgrp -R users user_data/ +chmod -R g=u user_data/ +``` + #### start command ```shell cd local-run/with-jupyter-notebook @@ -107,6 +121,7 @@ docker compose build ### 0.0.5 +* added `umask 0007` to `~/.bashrc` file to provide rw file access for `users` group * added `/file` request for loading content of single jsonl file * removed ability to get any file from machine via `/file` REST APIs * added sorting on requests `/files/notebooks` and `/files/results` diff --git a/local-run/with-jupyter-notebook/jupyter-notebook/Dockerfile b/local-run/with-jupyter-notebook/jupyter-notebook/Dockerfile index 592efcd..6ac4f50 100644 --- a/local-run/with-jupyter-notebook/jupyter-notebook/Dockerfile +++ b/local-run/with-jupyter-notebook/jupyter-notebook/Dockerfile @@ -3,7 +3,8 @@ FROM jupyter/datascience-notebook:python-3.9 RUN echo "c.ServerApp.base_url = '/jupyter/'" >> /etc/jupyter/jupyter_server_config.py ENV PYTHON_SHARED_LIB_PATH="${HOME}/python/lib" +ENV PYTHONPATH="${PYTHONPATH}:${PYTHON_SHARED_LIB_PATH}" +ENV PIP_TARGET="${PYTHON_SHARED_LIB_PATH}" RUN mkdir -p "${PYTHON_SHARED_LIB_PATH}" -ENV PYTHONPATH="${PYTHONPATH}:${PYTHON_SHARED_LIB_PATH}" -ENV PIP_TARGET="${PYTHON_SHARED_LIB_PATH}" \ No newline at end of file +RUN echo 'umask 0007' >> "${HOME}/.bashrc" \ No newline at end of file diff --git a/local-run/with-jupyter-notebook/user_data/.gitignore b/local-run/with-jupyter-notebook/user_data/.gitignore deleted file mode 100644 index f59ec20..0000000 --- a/local-run/with-jupyter-notebook/user_data/.gitignore +++ /dev/null @@ -1 +0,0 @@ -* \ No newline at end of file