Failed to launch in azure-pipelines microsoft hosted environment with Ubuntu-22.04

[miurahr]

When launching amke/innosetup:64bit-buster on azure-pipelines with a command line like

umask a+w
exec docker run -i -rm -u `id -u`:`id -g` -v "$PWD":/work amake/innosetup:64bit-buster  build/innosetup/OmegaT.iss

It always failed with

wine: /home/xclient/.wine is not owned by you
wine: /home/xclient/.wine is not owned by you

[miurahr]

It works well in my local Mint Linux 21.2 environment with nerdctl and docker client ver 24.0.5.

[amake]

My guess is that -u `id -u`:`id -g` makes the user/group mismatch in Azure, whereas in your local environment the user and group IDs do match by coincidence.

Fundamentally this is the same as #7

[miurahr]

/etc/passwd

xclient:x:1000:101:user for running an xclient application,,,:/home/xclient:/bin/bash

/home/xclient

drwxr-xr-x 1 xclient xusers 4096 Nov 11 22:23 .wine

/etc/group

xusers:x:101:

when run on my desktop containerd/nerdctl without root permission, executed environment uid/gid = 1000/1000

[miurahr]

Now I hope this works

PUID=`id -u`
PGID=`id -g`
IMAGE=omegatorg/innosetup:innosetup6

cat << __EOF__ | docker build -t $IMAGE - || true
FROM docker.io/amake/innosetup:innosetup6-buster
#
USER root
RUN usermod -u $PUID -o xclient && groupmod -g $PGID -o xusers
RUN chown -R $PUID:$PGID /home/xclient /work
#
USER xclient
ENV HOME /home/xclient
ENV WINEPREFIX /home/xclient/.wine
ENV WINEARCH win32
WORKDIR /work
ENTRYPOINT ["iscc"]
__EOF__

docker run -i --rm   -u `id -u`:`id -g`  -v "$PWD":/work  $IMAGE $ISS

test

When running docker with 1000:1000 environment, I observes

drwxr-xr-x 1 xclient xusers 4096 Nov 12 00:01 .wine

xclient:x:1000:1000:user for running an xclient application,,,:/home/xclient:/bin/bash

xusers:x:1000:

This is an evidence groupmod works. It will work when usermod effective. I'd like to try it on azure-pipelines.
Docker image don't have any user who has uid > 1000, so there will be no congestion in uid.