VS Code Remote-Containers: cannot create directory ‘/home/appuser’:

Question

I'm trying to use the Remote - Containers extension for Visual Studio Code, but when I "Open Folder in Container", I get this error:

Run: docker exec 0d0c1eac6f38b81566757786f853d6f6a4f3a836c15ca7ed3a3aaf29b9faab14 /bin/sh -c set -o noclobber ; mkdir -p '/home/appuser/.vscode-server/data/Machine' && { > '/home/appuser/.vscode-server/data/Machine/.writeMachineSettingsMarker' ; } 2> /dev/null
mkdir: cannot create directory ‘/home/appuser’: Permission denied

My Dockerfile uses:

FROM python:3.7-slim
...
RUN useradd -ms /bin/bash appuser
USER appuser

I've also tried:

RUN adduser -D appuser
RUN groupadd -g 999 appuser && \
    useradd -r -u 999 -g appuser appuser
USER appuser

Both of these work if I build them directly. How do I get this to work?

Answer 1

What works for me is to create a non-root user in my Dockerfile and then configure the VS Code dev container to use that user.

Step 1. Create the non-root user in your Docker image

ARG USER_ID=1000
ARG GROUP_ID=1000
RUN groupadd --system --gid ${GROUP_ID} MY_GROUP && \
    useradd --system --uid ${USER_ID} --gid MY_GROUP --home /home/MY_USER --shell /sbin/nologin MY_USER

Step 2. Configure .devcontainer/devcontainer.json file in the root of your project (should be created when you start remote dev)

"remoteUser": "MY_USER" <-- this is the setting you want to update

If you use docker compose, it's possible to configure VS Code to run the entire container as the non-root user by configuring .devcontainer/docker-compose.yml, but I've been happy with the process described above so I haven't experimented further.

You might get some additional insight by reading through the VS Code docs on this topic.