Skip to main content

Windows containers cannot use USER instruction to change user with a password

By

 I have a Dockerfile like below:


FROM mcr.microsoft.com/windows/servercore:20H2 as final
RUN net user timus P@$$w0rd123!@# /add /Passwordchg:No
RUN WMIC USERACCOUNT WHERE "Name='timus'" SET PasswordExpires=FALSE
RUN net localgroup administrators timus /add
USER timus
RUN whoami

Running this will fail with an error message like below:
C:\mydocker>docker build -t myimages:1.0.0 -f Dockerfile Sending build context to Docker daemon 678.8MB Step 1/6 : FROM mcr.microsoft.com/windows/servercore:20H2 as final ---> 4943ff812624 Step 2/6 : RUN net user timus P@$$w0rd!@# /add /Passwordchg:No ---> Running in 95d4d70138d8 The command completed successfully. Removing intermediate container 95d4d70138d8 ---> d00130167ea2 Step 3/6 : RUN WMIC USERACCOUNT WHERE "Name='timus'" SET PasswordExpires=FALSE ---> Running in 0d05945d8f70 Updating property(s) of '\\0D05945D8F70\ROOT\CIMV2:Win32_UserAccount.Domain="0D05945D8F70",Name="timus"' Property(s) update successful. Removing intermediate container 0d05945d8f70 ---> b37beaf1f201 Step 4/6 : RUN net localgroup administrators timus /add ---> Running in 82871efe73b3 The command completed successfully. Removing intermediate container 82871efe73b3 ---> 17d3a473c8e6 Step 5/6 : USER timus ---> Running in fc69793db808 Removing intermediate container fc69793db808 ---> 8e515f363d94 Step 6/6 : RUN whoami ---> Running in 1d88d8a9e089 container 1d88d8a9e0897835a2cd00082f92ef99d7896623ce7ba7c1921176569c670cfe encountered an error during hcsshim::System::CreateProcess: failure in a Windows system call: The user name or password is incorrect. (0x52e) [Event Detail: Provider: 00000000-0000-0000-0000-000000000000] [Event Detail: Provider: 00000000-0000-0000-0000-000000000000] [Event Detail: onecore\vm\compute\management\orchestration\vmhostedcontainer\processmanagement.cpp(173)\vmcomputeagent.exe!00007FF720E4A40B: (caller: 00007FF720E05C8B) Exception(2) tid(388) 8007052E The user name or password is incorrect. CallContext:[\Bridge_ProcessMessage\VmHostedContainer_ExecuteProcess] Provider: 00000000-0000-0000-0000-000000000000] extra info: {"CommandLine":"cmd /S /C whoami","User":"timus","WorkingDirectory":"C:\\","CreateStdInPipe":true,"CreateStdOutPipe":true,"CreateStdErrPipe":true,"ConsoleSize":[0,0]}
This is failing because as of this writing (4/12/2021) Windows containers does not support using USER instruction for users with password, it is expecting it to be blank!
See this GitHub issue for details - https://github.com/moby/moby/issues/28585
Labels:

Comments

Post a Comment

Popular posts from this blog

Error! Could not locate dkms.conf file install VirtualBox 4.1.8 on Ubuntu 11.10

By
Tried to update my Ubuntu host today and it did pickup that new version of VirtualBox is available (4.1.8). All other packages installed properly except that VirtualBox installation was complaining about missing dkms.conf file, see error message below. $: sudo /etc/init.d/vboxdrv setup * Stopping VirtualBox kernel modules [ OK ] * Uninstalling old VirtualBox DKMS kernel modules Error! Could not locate dkms.conf file. File: does not exist. [ OK ] * Trying to register the VirtualBox kernel modules using DKMS [ OK ] * Starting VirtualBox kernel modules [ OK ] Though it looks like installation was fine but I am concerned about its effects to VirtualBox functionality. To fix this, do: $: cd /var/lib/dkms/vboxhost $: sudo rm -r 4.1.4 $: sudo /etc/init.d/vboxdrv setup Of course you have to re
11 comments
Read more

The following add-ins could not be started MonoDevelop.GnomePlatform

By
Installing MonoDevelop in OpenSUSE 12.2 from its repository was very easy. When running it for the first time though I got the message: The following add-ins could not be started: The root of the trace shows MonoDevelop.GnomePlatform,2.8 A quick search shows that MonoDevelop depends on libgnomeui . This should have been part of dependencies when installing the application but well.... Below is the screen shot of the error message. References: http://software.1713.n2.nabble.com/MonoDevelop-and-openSUSE-12-1-td7462957.html [2013/04/09] - Same issue observed in OpenSUSE 12.3 and also the same fix. [2014/11/02] - Same issue observed in OpenSUSE 13.3, mondevelop 3.0.6 and the same fix.
21 comments
Read more