Practice - Persistent Data, Alternate User

App Name: switch

Image: nginx:1.21

Persistent Data Directory: /data

CPU: 500

RAM: 500

✅ Create Application

✅ Use WebTTY and enter your pod

✅ After getting a shell into your pod

---

✅ Check /data is owned by root

root# ls -al /data

total 24

drwxr-xr-x 3 root root 4096 Jan 19 12:54 .

drwxr-xr-x 1 root root 4096 Jan 19 12:57 ..

drwx------ 2 root root 16384 Jan 19 12:54 lost+found

✅ Create demo user

groupadd demo

useradd demo -g demo -m

✅ Give /data to demo user

chown demo:demo /data

✅ Prove we can use a user that only exists in this pod

su - demo -c whoami

demo

✅ Run a command as another user

root# su demo -c "touch /data/myfile"

✅ See a resulting file owned by the other user (which doesn't exist in the "hypervisor")

root# ls -al /data

total 24

drwxr-xr-x 3 demo demo 4096 Jan 19 13:01 .

drwxr-xr-x 1 root root 4096 Jan 19 12:57 ..

drwx------ 2 root root 16384 Jan 19 12:54 lost+found

-rw-r--r-- 1 demo demo 0 Jan 19 13:01 myfile