Build with docker and --privileged
I'm using this guide to Build a Voice Kit with Amazon Lex and a Raspberry Pi, but I need to use Docker. The problem is that the script that the guide curls and runs requires access to /dev/tty. I can grant access to /dev/tty when running docker containers, but I don't know how to do that when building containers.
My Dockerfile looks like this:
FROM resin/rpi-raspbian
WORKDIR /app
ADD . /app
#The script requires these
RUN apt-get update
RUN apt-get install iputils-ping
#The script has to be run with sudo priviliges but not as root
USER root
ADD /sudoers.txt /etc/sudoers
RUN chmod 440 /etc/sudoers
RUN useradd -ms /bin/bash lex
RUN echo 'lex:test' | chpasswd
RUN curl https://get.pimoroni.com/phatdac | bash
USER lex
EXPOSE 80
#Comment the last RUN command and uncomment this
#CMD curl https://get.pimoroni.com/phatdac | bash
And when I try to build the container with
docker build -t raspi1 .
it crashes on the script, because it can't access /dev/tty.
When running a container, I can use this script to grant access to /dev/tty and /dev/snd
#!/bin/sh
docker run -ti --rm \
-v /dev/snd:/dev/snd \
--privileged \
raspi7
and then try to use the script on the startup with CMD in the Dockerfile. But if I do that, then I need to use the script every time when running and I also need to do RUN on other stuff after the script has finished which would be nice to have on the Dockerfile when building.
TLDR; How to grant privileges to /dev/tty and /dev/snd when building a docker image?
Answer
Docker currently doesn't support exposing devices, or for that matter privileged operations when building.
According to @cpuguy83 what you are doing now - building a portable image without access to the host and completing the configuration when the container is first started - is the right thing to do:
Doing this kind of stuff at first container start is exactly the right way to go. It's a runtime configuration it shouldn't be in the image.
See bountysource.
There is also and old but still open moby's issue.