I downloaded sudo in my Dockerfile:
RUN yum -y update && \
    yum -y install which sudo
I have set the suid bit on it:
RUN chown root:root /usr/bin/sudo
RUN chmod 4755 /usr/bin/sudo
In the container I see a lot of binaries with the suid bit set:
[root@89f28b09dee0 go]# ls -la /usr/bin/* | grep rwsr
-rwsr-xr-x 1 root root 73888 Aug 9 2019 /usr/bin/chage
-rwsr-xr-x 1 root root 78408 Aug 9 2019 /usr/bin/gpasswd
-rwsr-xr-x 1 root root 44264 Aug 9 2019 /usr/bin/mount
-rwsr-xr-x 1 root root 41936 Aug 9 2019 /usr/bin/newgrp
-rwsr-xr-x 1 root root 27856 Aug 9 2019 /usr/bin/passwd
-rwsr-xr-x 1 root root 32128 Aug 9 2019 /usr/bin/su
-rwsr-xr-x 1 root root 147320 Aug 9 2019 /usr/bin/sudo
-rwsr-xr-x 1 root root 31984 Aug 9 2019 /usr/bin/umount
Other binaries which are part of the base image work seamlessly:
[test@89f28b09dee0 go]$ passwd
Changing password for user test.
Changing password for test.
(current) UNIX password:
But sudo fails:
sudo
sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?
[test@89f28b09dee0 go]$
Most search results on the internet say it may be because of filesystem permissions, but other binaries are working fine from the same location with the suid bit set.
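
A diagnostic for the error quoted above, added here as an example and not part of the original post: it checks the 'nosuid' mount option that sudo's message names and, as an assumption the post does not mention, the kernel's no_new_privs process flag, which also makes exec ignore the setuid bit. The function names, output labels and the sample mount table are constructed for illustration.

```shell
#!/bin/sh
# Added diagnostic, not from the original post. The kernel ignores a setuid
# bit at exec time when (1) the file's filesystem is mounted 'nosuid', or
# (2) the calling process has the no_new_privs flag set.

# Constructed sample in /proc/mounts format (not taken from the post).
sample_mounts() {
    printf '%s\n' \
        'overlay / overlay rw,relatime 0 0' \
        'proc /proc proc rw,nosuid,nodev,noexec 0 0' \
        'tmpfs /opt/tools tmpfs rw,nosuid,nodev 0 0'
}

# Print the options of the mount that holds path $1.
# $2: file in /proc/mounts format (default: /proc/mounts).
mount_opts_for() {
    awk -v p="$1" '
        # A mount covers p if it is "/", equals p, or is a directory prefix.
        $2 == "/" || $2 == p || index(p, $2 "/") == 1 {
            # Longest mount point wins; on a tie the later line wins.
            if (length($2) >= best) { best = length($2); opts = $4 }
        }
        END { print opts }
    ' "${2:-/proc/mounts}"
}

# Succeed if the mount holding path $1 carries the nosuid option.
has_nosuid() {
    case ",$(mount_opts_for "$1" "$2")," in
        *,nosuid,*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print NoNewPrivs (0 or 1) from a /proc/<pid>/status-format file.
# The flag is inherited, so the default /proc/self/status reflects the caller.
no_new_privs() {
    awk '$1 == "NoNewPrivs:" { print $2 }' "${1:-/proc/self/status}"
}

# Print which condition, if any, keeps the setuid bit on $1 from taking effect.
diagnose() {
    if has_nosuid "$1" "$2"; then echo "nosuid-mount"
    elif [ "$(no_new_privs "$3")" = "1" ]; then echo "no-new-privs"
    else echo "none"
    fi
}

# Live use inside the container: sh check.sh /usr/bin/sudo
if [ "$#" -gt 0 ]; then diagnose "$1"; fi
```

Run it as the same unprivileged user that sees the failure. sudo verifies its effective uid at startup, whereas a password prompt from another setuid program does not by itself show that the program is running with effective uid 0.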