[solved] Software setup in a container

dabeegmon · December 8, 2017, 2:35pm

Greetings
So I could get my container to communicate with the outside world.
Made a second container - - - impressed with the very light footprint.

Want to experiment with a LAPP server so first item I installed is postgresql.
Tried to install postgresql10.1 from source but couldn’t get the service to start.
Installed posgresql9.6 from the repository I’m using.
In the process of configuration it is necessary to switch back and forth from user postgres to the system user.
On a ‘regular’ system installation I would switch from postgres to user using su (postgres$ su being the most common).
That does not work in the container.
How does one switch from user ‘postgres’ to ‘user’?

simos · December 8, 2017, 3:08pm

It’s an Ubuntu/Debian thing to use sudo instead.
See for example,

$ lxc launch ubuntu:x mycontainer
Creating mycontainer
Starting mycontainer

$ lxc exec mycontainer -- sudo --user ubuntu --login
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@mycontainer:~$ sudo apt update
...
ubuntu@mycontainer:~$ sudo apt install postgresql
...
Creating new cluster 9.5/main ...
  config /etc/postgresql/9.5/main
  data   /var/lib/postgresql/9.5/main
  locale en_US.UTF-8
  socket /var/run/postgresql
  port   5432
...
ubuntu@mycontainer:~$ sudo --user postgres --login
postgres@mycontainer:~$

You may want to set up an alias for the sudo --user USERNAME --login.

simos · December 8, 2017, 3:16pm

It is uncommon to switch from postgres to user. You would normally connect to the container as ubuntu, and from there switch to root or another account.

An account such as postgress is a terminal/limited (as being the end of a trip) account and you do not trust to switch to an important account. If a server is compromised, the attacker would enter through first through the www-data account or the postgres (or other database) account, therefore they are not trusted to allow to su/sudo from those to elsewhere.

dabeegmon · December 8, 2017, 4:16pm

ubuntu@mycontainer:~$ sudo --user postgres --login
postgres@mycontainer:~$

I get this far - - - that’s the easy part - - - but - - - how do I back out?

simos · December 8, 2017, 4:26pm

To exit, type

exit

dabeegmon · December 8, 2017, 4:49pm

Ok - - - that works.

Thank you for your help.

simos · December 8, 2017, 5:05pm

Great!

To mark a thread as solved, click on the icon with the tick, around here below VVVV

dabeegmon · December 8, 2017, 8:06pm

Thanks - - - that isn’t obvious (to me anyway).
I also would take it to mean that one particular reply was the solution.
Looking at my initial question there are a lot of replies and all were used to effect a solution.
To me, then, all of the replies are part of the solution not just one of those replies.