Postgres: run on openshift 3.6, user does not exist

Yes, this is noted in the documentation.

As of docker-library/postgres#253, this image supports running as a (mostly) arbitrary user via --user on docker run.

The main caveat to note is that postgres doesn't care what UID it runs as (as long as the owner of /var/lib/postgresql/data matches), but initdb does care (and needs the user to exist in /etc/passwd)

- https://github.com/docker-library/docs/tree/2c7f3a40774774389a4a372ef21ccd34ea53d551/postgres#arbitrary---user-notes

@yosifkit: Just because it is noted in the documentation doesn't mean that it is OK.

This is a major pain when running on OpenShift, and could be fixed by a simple use of nss_wrapper.

Not sure how I missed this before, but https://cwrap.org/nss_wrapper.html is the first sane solution I've seen proposed to this OpenShift-specific problem -- essentially faking software that cares to think the user we're running as exists in /etc/passwd is pretty smart IMO.

I'm reopening so we can explore this solution more.

https://bugs.alpinelinux.org/issues/6710 makes me sad, but https://packages.debian.org/source/stretch/nss-wrapper is a good sign! (so at least Debian-based images using this would be pretty trivial)

Success! https://github.com/docker-library/postgres/pull/448

If, like me, you wound up here because your Postgres container would not run on OpenShift: don't use the -alpine variant, as it still does not contain the nss-wrapper tool that is needed.