ApolloX ROOT privileges in Docker Container

Technical Support
, ,
1

I’m currently trying to get the ApolloX VSCode IDE to work. While trying to use the libsocketcan library and setting up the CAN Interface with

can_set_bitrate("can0", 500000);
can_do_start("can0");

I am not getting any compiler or linker error but these two lines are not doing anything when starting debugging and I am not able to use the CAN Interface.
When I set up the CAN Interface and Bitrate over SSH prior, I can send CAN Messages.
I am guessing this is due to missing root privileges in the Docker container:

I set my docker-compose.yml up like this:

version: "3.9"
services:
  cppapollotestcontainer-debug:
    build:
      context: .
      dockerfile: Dockerfile.debug
    user: root
    cap_add:
    - SYS_NICE
    - CAP_NET_ADMIN
    network_mode: "host"
    volumes:
    - /dev:/dev
    image: ${LOCAL_REGISTRY}:5002/cppapollotestcontainer-debug:${TAG}
    # ports:
    #  - 2230:2230

And my dockerfile.debug like this:


[...]

# SSH for remote debug
EXPOSE ${SSH_DEBUG_PORT}
ARG SSHUSERNAME=torizon

# Make sure we don't get notifications we can't answer during building.
ENV DEBIAN_FRONTEND="noninteractive"

# your regular RUN statements here
# Install required packages
RUN apt-get -q -y update && \
    apt-get -q -y install \
    openssl \
    openssh-server \
    rsync \
    file \
    curl \
    libsocketcan2 libmodbus5 \
    gdb && \
    apt-get clean && apt-get autoremove && \
    rm -rf /var/lib/apt/lists/*
    
[...]
    
CMD [ "/usr/sbin/sshd", "-D"]

I tried changing the ARG SSHUSERNAME to root but it threw me an error.

How can I use the Docker container as root?

I’m working on Colibri IMX6ULL 1GB IT on the Colibri Eval Board.

2

Greetings @xlukem,

In order to run a container with a certain user you typically need to set this in the Dockerfile. There’s a property called USER you can set like so:

USER root

Whatever the user set here will be the user used when the container is ran. More information about this property can be found here: Dockerfile reference | Docker Documentation

Best Regards,
Jeremias

3

Hey Jeremias!

Thank you for your help. Unfortunately this did not help. I put “USER root” at different points in the Dockerfile but the outcome was still the same.
I am still guessing this may work by changing the $SSHUSERNAME Variable in the Dockerfile.debug file.

It prompts me to input a password but the default password doesnt work.
This is the console log when I try to change it to “root”:

 *  Executing task: ssh -i /home/xlukem/cppapollotest/.conf/id_rsa -p 2230 -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no torizon@192.168.178.104 rm -rf ~/app 

Warning: Permanently added '[192.168.178.104]:2230' (ECDSA) to the list of known hosts.
torizon@192.168.178.104's password:

Thank you very much!
Lukas

5

Hi @xlukem

thanks for trying the ApolloX!
We updated our templates to be possible to run the application in debug mode with other user than the default torizon user.

:warning: For now it is not possible to update projects created with previous versions of the templates. Then create a new cppConsole project and copy only the code from your old project into this new one. We are working in a mechanism to do this template update from created projects automatically. Thank you for understanding.

With the new project you should have the following properties in the .vscode/settings.json file:

  "torizon_run_as": "torizon",
  "torizon_app_root": "/home/torizon"

Change these to:

  "torizon_run_as": "root",
  "torizon_app_root": "/root"

torizon_run_as store the default user to run the application and the torizon_app_root store the home folder for the user.

Let us know if this works for you.

Best Regards,

6

Hey @matheus.tx

Thank you very much for your help and fast reply!
I set up a new project, changed the parameters and can now use root privileges inside of my Docker container and the libsocketcan library accordingly.

Best Regards,
Lukas

1 Like