Change log
The prominent changes for this release are:
- The native KDE Plasma inteface with Win11OS theme. KDE Plasmashell application replaces the HTML dock and search text area.
- Supports hardware accelerated OpenGL and Vulkan on drivers that supports GBM (FOSS drivers and newer Nvidia drivers) with TigerVNC 1.15.0
- The registry is hosted by gitHub container registry ghcr.io. All images start this this prefix
ghcr.io/abcdesktopio
. The abcdesktop.yaml yaml file and od.config are updated with the prefix. - abcdesktop.yaml file include ConfigMap to customize user's local account files [ '/etc/passwd', '/etc/group', '/etc/shadow', '/etc/gshadow' ]
- network policies support Pod application
- oc.user image uses
ubuntu:24.04
as based image.
oc.user images
There is 3 oc.user images, all images are based on ubuntu:24.04
ghcr.io/abcdesktopio/oc.user.ubuntu.24.04:4.0
is the default oc.user image with consolewebshell
supportghcr.io/abcdesktopio/oc.user.ubuntu.sudo.24.04:4.0
like oc.user image withsudo
command embedded, a user can run sudo command inside the containerghcr.io/abcdesktopio/oc.user.hardening.24.04:4.0
less built-in binary, withoutsudo
command and withoutwebshell
console andterminal
application
All images embedded the graphical services: X11 server (TigerVNC), websockify and plasmashell.
default balloon
account is deleted
The default balloon
account does exist anymore, by default.
The files ( /etc/passwd, /etc/group, /etc/shadow, /etc/gshadow ) are customized during the login process, with the posix user login.
balloon
account can still be present only if your ldap (or your auth provider) doesn't provide posix groups and account.
Compatibily support
The abcdesktop applications in format 3.X
(including 3.4) are compatible with abcdesktop application in format 4.0
.
The 4.0
format includes a change for the files /etc/shadow
and /etc/gshadow
.
- /etc/shadow -> /etc/localaccount.shadow/shadow
- /etc/gshadow -> /etc/localaccount.shadow/gshadow
The symbolic links are linked to the /etc/localaccount.shadow
volume. Some commands or programs (e.g., su, passwd, adduser and others) access to the shadow file.
If your application need an access to the file '/etc/shadow' or the file '/etc/gshadow', then you have to add this line to your Dockerfile.
RUN for f in shadow gshadow ; do if [ -f /etc/$f ] ; then cp /etc/$f /etc/localaccount.shadow; rm -f /etc/$f; ln -s /etc/localaccount.shadow/$f /etc/$f; fi; done
The complete lines for a users support with ( passwd, group ) and ( shadow, gshadow )
# Create links for local acccounts
# /etc/passwd -> /etc/localaccount/passwd
# /etc/group -> /etc/localaccount/group
# /etc/shadow -> /etc/localaccount.shadow/shadow
# /etc/gshadow -> /etc/localaccount.shadow/gshadow
RUN mkdir -p /etc/localaccount /etc/localaccount.shadow
RUN for f in passwd group ; do if [ -f /etc/$f ] ; then cp /etc/$f /etc/localaccount; rm -f /etc/$f; ln -s /etc/localaccount/$f /etc/$f; fi; done
RUN for f in shadow gshadow ; do if [ -f /etc/$f ] ; then cp /etc/$f /etc/localaccount.shadow; rm -f /etc/$f; ln -s /etc/localaccount.shadow/$f /etc/$f; fi; done