Unable to use sudo commands within Docker, "bash: sudo: command not found" is displayed

Asked 11/10, 2016 at 19:45 Answered 16/7, 2022 at 15:26

I have installed TensorFlow using the following command

docker run -it b.gcr.io/tensorflow/tensorflow:latest-devel

and I need to set up TensorFlow Serving on a windows machine. I followed the instructions and while running the below-mentioned sudo command while installing TensorFlow Serving dependencies:

sudo apt-get update && sudo apt-get install -y \
     build-essential \
     curl \
     git \
     libfreetype6-dev \
     libpng12-dev \
     libzmq3-dev \
     pkg-config \
     python-dev \
     python-numpy \
     python-pip \
     software-properties-common \
     swig \
     zip \
     zlib1g-dev

The following error is displayed:

bash: sudo: command not found

Jeggar answered 11/10, 2016 at 19:45 Comment(1)

What's with the folks voting to close-as-Superuser? Questions about writing a Dockerfile are certainly dev-related; this one should be closed for not having sufficient information to reproduce (not containing the full Dockerfile, run command, or even the error except behind an image link), not as belonging on SU. – Herbart 11/10, 2016 at 20:24

136

docker comes along with root it doesnt require sudo.

BTW if you want sudo in docker if you want to install sudo,

try this,

apt-get update && \
      apt-get -y install sudo

now you can use sudo along with your command in docker...

Madaras answered 10/4, 2018 at 12:23 Comment(8)

There is no reason to weaken the security of the container by installing sudo in it, even if you can. – Chitterlings 19/10, 2019 at 12:18

In case apt-get is not installed use: apk add --update sudo – Askew 31/7, 2020 at 1:57

@PeterV.Mørch isn't it useful for commands like sudo --user postgres psql -d template1? – Fordone 9/2, 2022 at 15:21

@PeterV.Mørch - how do you run chmod then? I get Operation not permitted . So I guess thats why I need sudo – Shadow 6/4, 2022 at 10:38

@Shadow You can run chmod on files you own or have the rights to modify, but not on other files. Hopefully, if you need to chmod other files, you can do that in Dockerfile while building the image (where you can do things as root), but once the image has been built, you shouldn't need chmod for files your user doesn't have rights for. And if you do, your app requires root access, in which case my claim here is that then it needs a security review, likely for multiple other reasons too :-) – Chitterlings 6/4, 2022 at 10:57

@PeterV.Mørch How security weakens since the user is already root? – Shumpert 25/5, 2022 at 20:21

@Shumpert It is safe to be root while you're building the container using Dockerfile. For that you don't need sudo, because you're root already. It is not safe to be root while running the container. So you shouldn't need sudo. Just installing sudo weakens security. If for some reason your application needs sudo at runtime, my claim is that your application is broken form a security standpoint. Or tell me the specifics that require sudo and we'll take it from there. – Chitterlings 26/5, 2022 at 11:13

In my bash scripts I have plenty of sudo ... commands like sudo mkdir /work or sudo rm -rf /.... When sudo is not installed, bash scripts does not work in the container. Its hard to maintain the same bash script for the container and the host machine – Shumpert 26/5, 2022 at 11:58

Docker images typically do not have sudo, you are already running as root by default. Try

apt-get update && apt-get install -y build-essential curl git libfreetype6-dev libpng12-dev libzmq3-dev pkg-config python-dev python-numpy python-pip software-properties-common swig zip zlib1g-d

If you wish to not run as root, see the Docker documentation on the User command.

Kampong answered 11/10, 2016 at 19:48 Comment(11)

The backslashes are actually harmful if, as here, you're putting everything on one line (since in this case, they're escaping whitespace, making the argument that would be build-essential instead be <space>build-essential); they're only correct in a multi-line command, as the OP was attempting to enter but failed to code-format. – Herbart 11/10, 2016 at 19:55

@sam: On running the command "apt-get update && apt-get install -y \ build-essential \ curl \ git \ libfreetype6-dev \ libpng12-dev \ libzmq3-dev \ pkg-config \ python-dev \ python-numpy \ python-pip \ software-properties-common \ swig \ zip \ zlib1g-d", the error "bash: apt-get: command not found" is displayed. – Jeggar 11/10, 2016 at 19:57

@Vasanti, well, that's pretty straightforward on its face, no? What's the base image you're extending? – Herbart 11/10, 2016 at 19:58

@CharlesDuffy: I run the following command to build my container "docker run -it b.gcr.io/tensorflow/tensorflow:latest-devel" – Jeggar 11/10, 2016 at 20:2

Hmm. If that's based on the Dockerfile at github.com/tensorflow/tensorflow/blob/master/tensorflow/tools/…, then it is Ubuntu-based, and so should have apt-get. Be interesting to figure out if the internal PATH is wrong, or if it's not really a match for that Dockerfile. Easy to do that, though -- just echo $PATH and ls -l /usr/sbin inside the container. – Herbart 11/10, 2016 at 20:22

@Vasanti, ...btw, please edit these clarifications into the question itself, rather than having them exist only as comments. – Herbart 11/10, 2016 at 20:23

@CharlesDuff: on running the command, ls -l /usr/bin/sbin, the following error is displayed: – Jeggar 11/10, 2016 at 20:26

ls: cannot access 'usr/bin/sbin': No such fifle or directory – Jeggar 11/10, 2016 at 20:27

@Vasanti, /usr/bin/sbin? Huh? I said /usr/sbin. – Herbart 11/10, 2016 at 20:33

@CharlesDuffy: It still shows the same error message "ls: cannot access '/usr/sbin": No such file or directory" – Jeggar 11/10, 2016 at 20:36

I'd suggest using the official Tenserflow dockerfile to build the image yourself, rather than something off Google's repository, then; the aforementioned official Dockerfile definitely is Ubuntu-based and doesn't prune sbin. – Herbart 11/10, 2016 at 20:38

We don't want to weaken the security of the container by installing sudo in it. But we also don't want to change existing scripts that work on normal machines just so that they work in docker, which doesn't need the sudo.

Instead, we can define a dummy bash script to replace sudo, which just executes the arguments without elevating permissions, and is only defined inside the docker image.

Add this to your Dockerfile:

# Make sudo dummy replacement, so we don't weaken docker security
RUN echo "#!/bin/bash\n\$@" > /usr/bin/sudo
RUN chmod +x /usr/bin/sudo

Aspiration answered 16/7, 2022 at 15:26 Comment(5)

I couldn't get this to work with an Ubuntu image. I tried switching to the /bin/bash to /bin/sh but still kept getting /bin/sh: 1: sudo: not found – Transpire 24/8, 2022 at 15:40

strange, it worked for me. With just an ubuntu image and the lines above, can you docker run -it ... bash and examine the /usr/bin/sudo file? Perhaps /usr/bin isn't in PATH in your image? – Aspiration 25/8, 2022 at 7:59

I already moved on and solved it another way. I actually lied a bit-- I was using atlassian/default-image:3, which they claim is based off Ubuntu's image. Maybe they did something funny. Thanks for the help, anyway – Transpire 25/8, 2022 at 15:36

This seems to be the correct answer for situations where a script is being executed that invokes sudo, so thanks – Artie 17/9, 2022 at 13:10

I had to add '-e': e.g. RUN echo -e "#!/bin/bash\n\$@" > /usr/bin/sudo – Baptista 13/1, 2023 at 18:50

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags