Docker Community Forums

Share and learn in the Docker community.

Passing env vars via run command in detached mode fails to work when you connect to container via ssh


(Gmcollins) #1

Hi, was wondering if anyone else is experiencing the same issue with environment variables defined at run of an image not being passed to running container.

FROM oraclelinux:7.1

RUN /usr/bin/ssh-keygen -A;
yum -y update;
yum -y install openssh openssh-server wget tar sudo unzip;
yum install -y initscripts systemd;
systemctl enable sshd;
echo ‘root:something’ | chpasswd;
sed -i ‘s/PermitRootLogin without-password/PermitRootLogin yes/’ /etc/ssh/sshd_config;
# SSH login fix. Otherwise user is kicked off after login
sed ‘s@session\srequired\ optional’ -i /etc/pam.d/sshd;
yum clean all;\

CMD ["/sbin/init", “3”]

docker build -t sometest .
docker run --privileged --name foo -d -e ‘FOO=YOU’ -p 2200:22 sometest
docker start foo

password = something
ssh root@docker-host -p 2200

env will NOT have FOO=YOU

Any Ideas? Docker Server Version: 1.10.3

running like below works… But not from a detached container…
docker run -ti -e “FOO=YOU” oraclelinux-systemd/7.1:base /bin/bash
[root@8224edf2ee2d /]# env

(Richardpayne) #2

Works fine for me. I’m on v1.11.1 though.

(David Maze) #3

I expect that init(8) is completely resetting the environment.

You might consider revisiting your overall approach to building this container. None of the containers I build run an init, install an sshd, set a root password, or require --privileged to run. These are much simpler to set up and don’t insecurely reuse keys. If I do need a shell within a running container, docker exec can provide that.

(Anyone who can get a copy of your image can run docker history to find its root password, if you’re reusing this setup in other environments and/or distributing it to customers.)

(Gmcollins) #4

This was a simple example… This is for an internal only project building some bits on the fly…
The users need the ability to have sshd running as well as autofs installed… In oracle linux 6 containers this use to work out of box… Once I switched to oraclelinux 7 it stopped working… Thus the steps to install/configure a container as such… The password… I agree, this was just a simple example.

In order to have sshd I need to run it --privileged mode. The init script starts up the services. Not sure of any other way to do that…

I believe what is happening is the environment variables set are being passed to the init script and not to a default shell.

(Gmcollins) #5

Hi Richard,

Works for you in that you tried my example and it works? Or you went about it another way?

(Richardpayne) #6

I simply tested passing environment variables into a container.
@dmaze’s explanation seems the likely cause of your issue.

Why do you need sshd installed? Just ssh to the docker host and run docker exec as already mentioned.