Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Why should I run custom images as sagemaker-user? #20

Open
peter-wimsey opened this issue Feb 1, 2022 · 1 comment
Open

Why should I run custom images as sagemaker-user? #20

peter-wimsey opened this issue Feb 1, 2022 · 1 comment

Comments

@peter-wimsey
Copy link

The examples in this repo and the image configuration in SageMaker Studio assume that custom images are run as user sagemaker-user with UID 1000 and GUID 100.

However, at least some of SageMaker's own images (Data Science and PyTorch for example, have not tested all) run as root.

Running as something other than root makes installing into the kernel image at runtime difficult:

$ pip install some-package
Defaulting to user installation because normal site-packages is not writeable
...

and I end up with files in the user's home directory where they don't get cleaned up.

Why should I not just run as root like SageMaker's built-in images?

@otmcevoy
Copy link

otmcevoy commented May 21, 2024

A few years late but adding a comment in case it's helpful, while reading some documentation I stumbled across this:

GID/UID limits
Amazon SageMaker Studio Classic only supports the following DefaultUID and DefaultGID combinations:

DefaultUID: 1000 and DefaultGID: 100, which corresponds to a non-priveleged user.

DefaultUID: 0 and DefaultGID: 0, which corresponds to root access.

So I think the SageMaker built in images must be setting the IDs to 0 which grants the users root access. These examples set the IDs to 1000/100, which could be useful if you wanted more fine-grained permission controls and to limit the administrative capabilities of common users.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants