Practice - Persistent Data, Alternate User
App Name: switch
Image: nginx:1.21
Persistent Data Directory: /data
CPU: 500
RAM: 500
✅ Create Application
✅ Use WebTTY and enter your pod
✅ After getting a shell into your pod
---
✅ Check /data is owned by root
root# ls -al /data
total 24
drwxr-xr-x 3 root root 4096 Jan 19 12:54 .
drwxr-xr-x 1 root root 4096 Jan 19 12:57 ..
drwx------ 2 root root 16384 Jan 19 12:54 lost+found
✅ Create demo user
groupadd demo
useradd demo -g demo -m
✅ Give /data to demo user
chown demo:demo /data
✅ Prove we can use a user that only exists in this pod
su - demo -c whoami
demo
✅ Run a command as another user
root# su demo -c "touch /data/myfile"
✅ See a resulting file owned by the other user (which doesn't exist in the "hypervisor")
root# ls -al /data
total 24
drwxr-xr-x 3 demo demo 4096 Jan 19 13:01 .
drwxr-xr-x 1 root root 4096 Jan 19 12:57 ..
drwx------ 2 root root 16384 Jan 19 12:54 lost+found
-rw-r--r-- 1 demo demo 0 Jan 19 13:01 myfile
Last updated
