From e402744f9d194d147a85a844d4ccb109222b0536 Mon Sep 17 00:00:00 2001 From: Jan Buchar Date: Fri, 24 Apr 2026 10:37:17 +0200 Subject: [PATCH] fix: Pin myuser UID/GID to 990 to prevent drift The myuser account was created with `groupadd -r` and `useradd -r` which auto-assign system IDs counting downward from 999. When base images add or remove system users, the auto-assigned ID shifts, breaking persistent volume mounts that depend on a stable UID/GID. Pin both UID and GID to 990 across all 6 affected Dockerfiles. - closes #287 --- node-phantomjs/Dockerfile | 2 +- node-playwright-chrome/Dockerfile | 2 +- node-playwright-firefox/Dockerfile | 2 +- node-playwright-webkit/Dockerfile | 2 +- node-playwright/Dockerfile | 2 +- node-puppeteer-chrome/Dockerfile | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/node-phantomjs/Dockerfile b/node-phantomjs/Dockerfile index e88f45cd..f06e14bd 100644 --- a/node-phantomjs/Dockerfile +++ b/node-phantomjs/Dockerfile @@ -23,7 +23,7 @@ RUN DEBIAN_FRONTEND=noninteractive apt-get purge --auto-remove -y wget \ && rm -rf /src/*.deb # Run everything after as non-privileged user to avoid warnings -RUN groupadd -r myuser && useradd -r -g myuser -G audio,video myuser \ +RUN groupadd -r -g 990 myuser && useradd -r -u 990 -g myuser -G audio,video myuser \ && mkdir -p /home/myuser/Downloads \ && chown -R myuser:myuser /home/myuser USER myuser diff --git a/node-playwright-chrome/Dockerfile b/node-playwright-chrome/Dockerfile index 6304cb58..1d48b56e 100644 --- a/node-playwright-chrome/Dockerfile +++ b/node-playwright-chrome/Dockerfile @@ -32,7 +32,7 @@ RUN \ --no-install-recommends \ \ # Add user so we don't need --no-sandbox. - && groupadd -r myuser && useradd -r -g myuser -G audio,video myuser \ + && groupadd -r -g 990 myuser && useradd -r -u 990 -g myuser -G audio,video myuser \ && mkdir -p /home/myuser/Downloads \ && chown -R myuser:myuser /home/myuser \ \ diff --git a/node-playwright-firefox/Dockerfile b/node-playwright-firefox/Dockerfile index 821c640d..966bf894 100644 --- a/node-playwright-firefox/Dockerfile +++ b/node-playwright-firefox/Dockerfile @@ -25,7 +25,7 @@ RUN sh -c 'echo "deb http://ftp.us.debian.org/debian bookworm main non-free" >> && ./register_intermediate_certs.sh \ \ # Add user so we don't need --no-sandbox. - && groupadd -r myuser && useradd -r -g myuser -G audio,video myuser \ + && groupadd -r -g 990 myuser && useradd -r -u 990 -g myuser -G audio,video myuser \ && mkdir -p /home/myuser/Downloads \ && chown -R myuser:myuser /home/myuser \ \ diff --git a/node-playwright-webkit/Dockerfile b/node-playwright-webkit/Dockerfile index a3e22bff..b39745d1 100644 --- a/node-playwright-webkit/Dockerfile +++ b/node-playwright-webkit/Dockerfile @@ -21,7 +21,7 @@ RUN apt-get update \ && npm install -g yarn \ \ # Add user so we don't need --no-sandbox. - && groupadd -r myuser && useradd -r -g myuser -G audio,video myuser \ + && groupadd -r -g 990 myuser && useradd -r -u 990 -g myuser -G audio,video myuser \ && mkdir -p /home/myuser/Downloads \ && chown -R myuser:myuser /home/myuser \ # Globally disable the update-notifier. diff --git a/node-playwright/Dockerfile b/node-playwright/Dockerfile index e8761118..8d2fdf82 100644 --- a/node-playwright/Dockerfile +++ b/node-playwright/Dockerfile @@ -34,7 +34,7 @@ RUN apt-get update \ && apt install --fix-missing -yq ./google-chrome-stable_current_amd64.deb && rm ./google-chrome-stable_current_amd64.deb \ \ # Add user so we don't need --no-sandbox. - && groupadd -r myuser && useradd -r -g myuser -G audio,video myuser \ + && groupadd -r -g 990 myuser && useradd -r -u 990 -g myuser -G audio,video myuser \ && mkdir -p /home/myuser/Downloads \ && chown -R myuser:myuser /home/myuser \ \ diff --git a/node-puppeteer-chrome/Dockerfile b/node-puppeteer-chrome/Dockerfile index bb7d0156..1372c8ff 100644 --- a/node-puppeteer-chrome/Dockerfile +++ b/node-puppeteer-chrome/Dockerfile @@ -39,7 +39,7 @@ RUN apt-get update \ && apt install --fix-missing -yq ./google-chrome-stable_current_amd64.deb && rm ./google-chrome-stable_current_amd64.deb \ \ # Add user so we don't need --no-sandbox. - && groupadd -r myuser && useradd -r -g myuser -G audio,video myuser \ + && groupadd -r -g 990 myuser && useradd -r -u 990 -g myuser -G audio,video myuser \ && mkdir -p /home/myuser/Downloads \ && chown -R myuser:myuser /home/myuser \ \