jupyterlab-datascience-gpu/old/start.sh

#!/bin/bash
# Copyright (c) Jupyter Development Team.
# Distributed under the terms of the Modified BSD License.

set -e

# The _log function is used for everything this script wants to log. It will
# always log errors and warnings, but can be silenced for other messages
# by setting JUPYTER_DOCKER_STACKS_QUIET environment variable.
_log () {
    if [[ "$*" == "ERROR:"* ]] || [[ "$*" == "WARNING:"* ]] || [[ "${JUPYTER_DOCKER_STACKS_QUIET}" == "" ]]; then
        echo "$@"
    fi
}
_log "Entered start.sh with args:" "$@"

# The run-hooks function looks for .sh scripts to source and executable files to
# run within a passed directory.
run-hooks () {
    if [[ ! -d "${1}" ]] ; then
        return
    fi
    _log "${0}: running hooks in ${1} as uid / gid: $(id -u) / $(id -g)"
    for f in "${1}/"*; do
        case "${f}" in
            *.sh)
                _log "${0}: running script ${f}"
                # shellcheck disable=SC1090
                source "${f}"
                ;;
            *)
                if [[ -x "${f}" ]] ; then
                    _log "${0}: running executable ${f}"
                    "${f}"
                else
                    _log "${0}: ignoring non-executable ${f}"
                fi
                ;;
        esac
    done
    _log "${0}: done running hooks in ${1}"
}

# A helper function to unset env vars listed in the value of the env var
# JUPYTER_ENV_VARS_TO_UNSET.
unset_explicit_env_vars () {
    if [ -n "${JUPYTER_ENV_VARS_TO_UNSET}" ]; then
        for env_var_to_unset in $(echo "${JUPYTER_ENV_VARS_TO_UNSET}" | tr ',' ' '); do
            echo "Unset ${env_var_to_unset} due to JUPYTER_ENV_VARS_TO_UNSET"
            unset "${env_var_to_unset}"
        done
        unset JUPYTER_ENV_VARS_TO_UNSET
    fi
}


# Default to starting bash if no command was specified
if [ $# -eq 0 ]; then
    cmd=( "bash" )
else
    cmd=( "$@" )
fi

# NOTE: This hook will run as the user the container was started with!
run-hooks /usr/local/bin/start-notebook.d

# If the container started as the root user, then we have permission to refit
# the jovyan user, and ensure file permissions, grant sudo rights, and such
# things before we run the command passed to start.sh as the desired user
# (NB_USER).
#
if [ "$(id -u)" == 0 ] ; then
    # Environment variables:
    # - NB_USER: the desired username and associated home folder
    # - NB_UID: the desired user id
    # - NB_GID: a group id we want our user to belong to
    # - NB_GROUP: a group name we want for the group
    # - GRANT_SUDO: a boolean ("1" or "yes") to grant the user sudo rights
    # - CHOWN_HOME: a boolean ("1" or "yes") to chown the user's home folder
    # - CHOWN_EXTRA: a comma separated list of paths to chown
    # - CHOWN_HOME_OPTS / CHOWN_EXTRA_OPTS: arguments to the chown commands

    # Refit the jovyan user to the desired the user (NB_USER)
    if id jovyan &> /dev/null ; then
        if ! usermod --home "/home/${NB_USER}" --login "${NB_USER}" jovyan 2>&1 | grep "no changes" > /dev/null; then
            _log "Updated the jovyan user:"
            _log "- username: jovyan       -> ${NB_USER}"
            _log "- home dir: /home/jovyan -> /home/${NB_USER}"
        fi
    elif ! id -u "${NB_USER}" &> /dev/null; then
        _log "ERROR: Neither the jovyan user or '${NB_USER}' exists. This could be the result of stopping and starting, the container with a different NB_USER environment variable."
        exit 1
    fi
    # Ensure the desired user (NB_USER) gets its desired user id (NB_UID) and is
    # a member of the desired group (NB_GROUP, NB_GID)
    if [ "${NB_UID}" != "$(id -u "${NB_USER}")" ] || [ "${NB_GID}" != "$(id -g "${NB_USER}")" ]; then
        _log "Update ${NB_USER}'s UID:GID to ${NB_UID}:${NB_GID}"
        # Ensure the desired group's existence
        if [ "${NB_GID}" != "$(id -g "${NB_USER}")" ]; then
            groupadd --force --gid "${NB_GID}" --non-unique "${NB_GROUP:-${NB_USER}}"
        fi
        # Recreate the desired user as we want it
        userdel "${NB_USER}"
        useradd --home "/home/${NB_USER}" --uid "${NB_UID}" --gid "${NB_GID}" --groups 100 --no-log-init "${NB_USER}"
    fi

    # Move or symlink the jovyan home directory to the desired users home
    # directory if it doesn't already exist, and update the current working
    # directory to the new location if needed.
    if [[ "${NB_USER}" != "jovyan" ]]; then
        if [[ ! -e "/home/${NB_USER}" ]]; then
            _log "Attempting to copy /home/jovyan to /home/${NB_USER}..."
            mkdir "/home/${NB_USER}"
            if cp -a /home/jovyan/. "/home/${NB_USER}/"; then
                _log "Success!"
            else
                _log "Failed to copy data from /home/jovyan to /home/${NB_USER}!"
                _log "Attempting to symlink /home/jovyan to /home/${NB_USER}..."
                if ln -s /home/jovyan "/home/${NB_USER}"; then
                    _log "Success creating symlink!"
                else
                    _log "ERROR: Failed copy data from /home/jovyan to /home/${NB_USER} or to create symlink!"
                    exit 1
                fi
            fi
        fi
        # Ensure the current working directory is updated to the new path
        if [[ "${PWD}/" == "/home/jovyan/"* ]]; then
            new_wd="/home/${NB_USER}/${PWD:13}"
            _log "Changing working directory to ${new_wd}"
            cd "${new_wd}"
        fi
    fi

    # Optionally ensure the desired user get filesystem ownership of it's home
    # folder and/or additional folders
    if [[ "${CHOWN_HOME}" == "1" || "${CHOWN_HOME}" == "yes" ]]; then
        _log "Ensuring /home/${NB_USER} is owned by ${NB_UID}:${NB_GID} ${CHOWN_HOME_OPTS:+(chown options: ${CHOWN_HOME_OPTS})}"
        # shellcheck disable=SC2086
        chown ${CHOWN_HOME_OPTS} "${NB_UID}:${NB_GID}" "/home/${NB_USER}"
    fi
    if [ -n "${CHOWN_EXTRA}" ]; then
        for extra_dir in $(echo "${CHOWN_EXTRA}" | tr ',' ' '); do
            _log "Ensuring ${extra_dir} is owned by ${NB_UID}:${NB_GID} ${CHOWN_EXTRA_OPTS:+(chown options: ${CHOWN_EXTRA_OPTS})}"
            # shellcheck disable=SC2086
            chown ${CHOWN_EXTRA_OPTS} "${NB_UID}:${NB_GID}" "${extra_dir}"
        done
    fi

    # Update potentially outdated environment variables since image build
    export XDG_CACHE_HOME="/home/${NB_USER}/.cache"

    # Prepend ${CONDA_DIR}/bin to sudo secure_path
    sed -r "s#Defaults\s+secure_path\s*=\s*\"?([^\"]+)\"?#Defaults secure_path=\"${CONDA_DIR}/bin:\1\"#" /etc/sudoers | grep secure_path > /etc/sudoers.d/path

    # Optionally grant passwordless sudo rights for the desired user
    if [[ "$GRANT_SUDO" == "1" || "$GRANT_SUDO" == "yes" ]]; then
        _log "Granting ${NB_USER} passwordless sudo rights!"
        echo "${NB_USER} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/added-by-start-script
    fi

    # NOTE: This hook is run as the root user!
    run-hooks /usr/local/bin/before-notebook.d

    unset_explicit_env_vars
    _log "Running as ${NB_USER}:" "${cmd[@]}"
    exec sudo --preserve-env --set-home --user "${NB_USER}" \
        PATH="${PATH}" \
        PYTHONPATH="${PYTHONPATH:-}" \
        "${cmd[@]}"
        # Notes on how we ensure that the environment that this container is started
        # with is preserved (except vars listed in JUPYTER_ENV_VARS_TO_UNSET) when
        # we transition from running as root to running as NB_USER.
        #
        # - We use `sudo` to execute the command as NB_USER. What then
        #   happens to the environment will be determined by configuration in
        #   /etc/sudoers and /etc/sudoers.d/* as well as flags we pass to the sudo
        #   command. The behavior can be inspected with `sudo -V` run as root.
        #
        #   ref: `man sudo`    https://linux.die.net/man/8/sudo
        #   ref: `man sudoers` https://www.sudo.ws/man/1.8.15/sudoers.man.html
        #
        # - We use the `--preserve-env` flag to pass through most environment
        #   variables, but understand that exceptions are caused by the sudoers
        #   configuration: `env_delete` and `env_check`.
        #
        # - We use the `--set-home` flag to set the HOME variable appropriately.
        #
        # - To reduce the default list of variables deleted by sudo, we could have
        #   used `env_delete` from /etc/sudoers. It has higher priority than the
        #   `--preserve-env` flag and the `env_keep` configuration.
        #
        # - We preserve PATH and PYTHONPATH explicitly. Note however that sudo
        #   resolves `${cmd[@]}` using the "secure_path" variable we modified
        #   above in /etc/sudoers.d/path. Thus PATH is irrelevant to how the above
        #   sudo command resolves the path of `${cmd[@]}`. The PATH will be relevant
        #   for resolving paths of any subprocesses spawned by `${cmd[@]}`.

# The container didn't start as the root user, so we will have to act as the
# user we started as.
else
    # Warn about misconfiguration of: granting sudo rights
    if [[ "${GRANT_SUDO}" == "1" || "${GRANT_SUDO}" == "yes" ]]; then
        _log "WARNING: container must be started as root to grant sudo permissions!"
    fi

    JOVYAN_UID="$(id -u jovyan 2>/dev/null)"  # The default UID for the jovyan user
    JOVYAN_GID="$(id -g jovyan 2>/dev/null)"  # The default GID for the jovyan user

    # Attempt to ensure the user uid we currently run as has a named entry in
    # the /etc/passwd file, as it avoids software crashing on hard assumptions
    # on such entry. Writing to the /etc/passwd was allowed for the root group
    # from the Dockerfile during build.
    #
    # ref: https://github.com/jupyter/docker-stacks/issues/552
    if ! whoami &> /dev/null; then
        _log "There is no entry in /etc/passwd for our UID=$(id -u). Attempting to fix..."
        if [[ -w /etc/passwd ]]; then
            _log "Renaming old jovyan user to nayvoj ($(id -u jovyan):$(id -g jovyan))"

            # We cannot use "sed --in-place" since sed tries to create a temp file in
            # /etc/ and we may not have write access. Apply sed on our own temp file:
            sed --expression="s/^jovyan:/nayvoj:/" /etc/passwd > /tmp/passwd
            echo "${NB_USER}:x:$(id -u):$(id -g):,,,:/home/jovyan:/bin/bash" >> /tmp/passwd
            cat /tmp/passwd > /etc/passwd
            rm /tmp/passwd

            _log "Added new ${NB_USER} user ($(id -u):$(id -g)). Fixed UID!"

            if [[ "${NB_USER}" != "jovyan" ]]; then
                _log "WARNING: user is ${NB_USER} but home is /home/jovyan. You must run as root to rename the home directory!"
            fi
        else
            _log "WARNING: unable to fix missing /etc/passwd entry because we don't have write permission. Try setting gid=0 with \"--user=$(id -u):0\"."
        fi
    fi

    # Warn about misconfiguration of: desired username, user id, or group id.
    # A misconfiguration occurs when the user modifies the default values of
    # NB_USER, NB_UID, or NB_GID, but we cannot update those values because we
    # are not root.
    if [[ "${NB_USER}" != "jovyan" && "${NB_USER}" != "$(id -un)" ]]; then
        _log "WARNING: container must be started as root to change the desired user's name with NB_USER=\"${NB_USER}\"!"
    fi
    if [[ "${NB_UID}" != "${JOVYAN_UID}" && "${NB_UID}" != "$(id -u)" ]]; then
        _log "WARNING: container must be started as root to change the desired user's id with NB_UID=\"${NB_UID}\"!"
    fi
    if [[ "${NB_GID}" != "${JOVYAN_GID}" && "${NB_GID}" != "$(id -g)" ]]; then
        _log "WARNING: container must be started as root to change the desired user's group id with NB_GID=\"${NB_GID}\"!"
    fi

    # Warn if the user isn't able to write files to ${HOME}
    if [[ ! -w /home/jovyan ]]; then
        _log "WARNING: no write access to /home/jovyan. Try starting the container with group 'users' (100), e.g. using \"--group-add=users\"."
    fi

    # NOTE: This hook is run as the user we started the container as!
    run-hooks /usr/local/bin/before-notebook.d
    unset_explicit_env_vars
    _log "Executing the command:" "${cmd[@]}"
    exec "${cmd[@]}"
fi
init 2023-01-24 14:00:27 +00:00			`#!/bin/bash`
			`# Copyright (c) Jupyter Development Team.`
			`# Distributed under the terms of the Modified BSD License.`

			`set -e`

			`# The _log function is used for everything this script wants to log. It will`
			`# always log errors and warnings, but can be silenced for other messages`
			`# by setting JUPYTER_DOCKER_STACKS_QUIET environment variable.`
			`_log () {`
			`if [[ "$" == "ERROR:" ]] \|\| [[ "$" == "WARNING:" ]] \|\| [[ "${JUPYTER_DOCKER_STACKS_QUIET}" == "" ]]; then`
			`echo "$@"`
			`fi`
			`}`
			`_log "Entered start.sh with args:" "$@"`

			`# The run-hooks function looks for .sh scripts to source and executable files to`
			`# run within a passed directory.`
			`run-hooks () {`
			`if [[ ! -d "${1}" ]] ; then`
			`return`
			`fi`
			`_log "${0}: running hooks in ${1} as uid / gid: $(id -u) / $(id -g)"`
			`for f in "${1}/"*; do`
			`case "${f}" in`
			`*.sh)`
			`_log "${0}: running script ${f}"`
			`# shellcheck disable=SC1090`
			`source "${f}"`
			`;;`
			`*)`
			`if [[ -x "${f}" ]] ; then`
			`_log "${0}: running executable ${f}"`
			`"${f}"`
			`else`
			`_log "${0}: ignoring non-executable ${f}"`
			`fi`
			`;;`
			`esac`
			`done`
			`_log "${0}: done running hooks in ${1}"`
			`}`

			`# A helper function to unset env vars listed in the value of the env var`
			`# JUPYTER_ENV_VARS_TO_UNSET.`
			`unset_explicit_env_vars () {`
			`if [ -n "${JUPYTER_ENV_VARS_TO_UNSET}" ]; then`
			`for env_var_to_unset in $(echo "${JUPYTER_ENV_VARS_TO_UNSET}" \| tr ',' ' '); do`
			`echo "Unset ${env_var_to_unset} due to JUPYTER_ENV_VARS_TO_UNSET"`
			`unset "${env_var_to_unset}"`
			`done`
			`unset JUPYTER_ENV_VARS_TO_UNSET`
			`fi`
			`}`


			`# Default to starting bash if no command was specified`
			`if [ $# -eq 0 ]; then`
			`cmd=( "bash" )`
			`else`
			`cmd=( "$@" )`
			`fi`

			`# NOTE: This hook will run as the user the container was started with!`
			`run-hooks /usr/local/bin/start-notebook.d`

			`# If the container started as the root user, then we have permission to refit`
			`# the jovyan user, and ensure file permissions, grant sudo rights, and such`
			`# things before we run the command passed to start.sh as the desired user`
			`# (NB_USER).`
			`#`
			`if [ "$(id -u)" == 0 ] ; then`
			`# Environment variables:`
			`# - NB_USER: the desired username and associated home folder`
			`# - NB_UID: the desired user id`
			`# - NB_GID: a group id we want our user to belong to`
			`# - NB_GROUP: a group name we want for the group`
			`# - GRANT_SUDO: a boolean ("1" or "yes") to grant the user sudo rights`
			`# - CHOWN_HOME: a boolean ("1" or "yes") to chown the user's home folder`
			`# - CHOWN_EXTRA: a comma separated list of paths to chown`
			`# - CHOWN_HOME_OPTS / CHOWN_EXTRA_OPTS: arguments to the chown commands`

			`# Refit the jovyan user to the desired the user (NB_USER)`
			`if id jovyan &> /dev/null ; then`
			`if ! usermod --home "/home/${NB_USER}" --login "${NB_USER}" jovyan 2>&1 \| grep "no changes" > /dev/null; then`
			`_log "Updated the jovyan user:"`
			`_log "- username: jovyan -> ${NB_USER}"`
			`_log "- home dir: /home/jovyan -> /home/${NB_USER}"`
			`fi`
			`elif ! id -u "${NB_USER}" &> /dev/null; then`
			`_log "ERROR: Neither the jovyan user or '${NB_USER}' exists. This could be the result of stopping and starting, the container with a different NB_USER environment variable."`
			`exit 1`
			`fi`
			`# Ensure the desired user (NB_USER) gets its desired user id (NB_UID) and is`
			`# a member of the desired group (NB_GROUP, NB_GID)`
			`if [ "${NB_UID}" != "$(id -u "${NB_USER}")" ] \|\| [ "${NB_GID}" != "$(id -g "${NB_USER}")" ]; then`
			`_log "Update ${NB_USER}'s UID:GID to ${NB_UID}:${NB_GID}"`
			`# Ensure the desired group's existence`
			`if [ "${NB_GID}" != "$(id -g "${NB_USER}")" ]; then`
			`groupadd --force --gid "${NB_GID}" --non-unique "${NB_GROUP:-${NB_USER}}"`
			`fi`
			`# Recreate the desired user as we want it`
			`userdel "${NB_USER}"`
			`useradd --home "/home/${NB_USER}" --uid "${NB_UID}" --gid "${NB_GID}" --groups 100 --no-log-init "${NB_USER}"`
			`fi`

			`# Move or symlink the jovyan home directory to the desired users home`
			`# directory if it doesn't already exist, and update the current working`
			`# directory to the new location if needed.`
			`if [[ "${NB_USER}" != "jovyan" ]]; then`
			`if [[ ! -e "/home/${NB_USER}" ]]; then`
			`_log "Attempting to copy /home/jovyan to /home/${NB_USER}..."`
			`mkdir "/home/${NB_USER}"`
			`if cp -a /home/jovyan/. "/home/${NB_USER}/"; then`
			`_log "Success!"`
			`else`
			`_log "Failed to copy data from /home/jovyan to /home/${NB_USER}!"`
			`_log "Attempting to symlink /home/jovyan to /home/${NB_USER}..."`
			`if ln -s /home/jovyan "/home/${NB_USER}"; then`
			`_log "Success creating symlink!"`
			`else`
			`_log "ERROR: Failed copy data from /home/jovyan to /home/${NB_USER} or to create symlink!"`
			`exit 1`
			`fi`
			`fi`
			`fi`
			`# Ensure the current working directory is updated to the new path`
			`if [[ "${PWD}/" == "/home/jovyan/"* ]]; then`
			`new_wd="/home/${NB_USER}/${PWD:13}"`
			`_log "Changing working directory to ${new_wd}"`
			`cd "${new_wd}"`
			`fi`
			`fi`

			`# Optionally ensure the desired user get filesystem ownership of it's home`
			`# folder and/or additional folders`
			`if [[ "${CHOWN_HOME}" == "1" \|\| "${CHOWN_HOME}" == "yes" ]]; then`
			`_log "Ensuring /home/${NB_USER} is owned by ${NB_UID}:${NB_GID} ${CHOWN_HOME_OPTS:+(chown options: ${CHOWN_HOME_OPTS})}"`
			`# shellcheck disable=SC2086`
			`chown ${CHOWN_HOME_OPTS} "${NB_UID}:${NB_GID}" "/home/${NB_USER}"`
			`fi`
			`if [ -n "${CHOWN_EXTRA}" ]; then`
			`for extra_dir in $(echo "${CHOWN_EXTRA}" \| tr ',' ' '); do`
			`_log "Ensuring ${extra_dir} is owned by ${NB_UID}:${NB_GID} ${CHOWN_EXTRA_OPTS:+(chown options: ${CHOWN_EXTRA_OPTS})}"`
			`# shellcheck disable=SC2086`
			`chown ${CHOWN_EXTRA_OPTS} "${NB_UID}:${NB_GID}" "${extra_dir}"`
			`done`
			`fi`

			`# Update potentially outdated environment variables since image build`
			`export XDG_CACHE_HOME="/home/${NB_USER}/.cache"`

			`# Prepend ${CONDA_DIR}/bin to sudo secure_path`
			`sed -r "s#Defaults\s+secure_path\s=\s\"?([^\"]+)\"?#Defaults secure_path=\"${CONDA_DIR}/bin:\1\"#" /etc/sudoers \| grep secure_path > /etc/sudoers.d/path`

			`# Optionally grant passwordless sudo rights for the desired user`
			`if [[ "$GRANT_SUDO" == "1" \|\| "$GRANT_SUDO" == "yes" ]]; then`
			`_log "Granting ${NB_USER} passwordless sudo rights!"`
			`echo "${NB_USER} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/added-by-start-script`
			`fi`

			`# NOTE: This hook is run as the root user!`
			`run-hooks /usr/local/bin/before-notebook.d`

			`unset_explicit_env_vars`
			`_log "Running as ${NB_USER}:" "${cmd[@]}"`
			`exec sudo --preserve-env --set-home --user "${NB_USER}" \`
			`PATH="${PATH}" \`
			`PYTHONPATH="${PYTHONPATH:-}" \`
			`"${cmd[@]}"`
			`# Notes on how we ensure that the environment that this container is started`
			`# with is preserved (except vars listed in JUPYTER_ENV_VARS_TO_UNSET) when`
			`# we transition from running as root to running as NB_USER.`
			`#`
			# - We use `sudo` to execute the command as NB_USER. What then
			`# happens to the environment will be determined by configuration in`
			`# /etc/sudoers and /etc/sudoers.d/* as well as flags we pass to the sudo`
			# command. The behavior can be inspected with `sudo -V` run as root.
			`#`
			# ref: `man sudo` https://linux.die.net/man/8/sudo
			# ref: `man sudoers` https://www.sudo.ws/man/1.8.15/sudoers.man.html
			`#`
			# - We use the `--preserve-env` flag to pass through most environment
			`# variables, but understand that exceptions are caused by the sudoers`
			# configuration: `env_delete` and `env_check`.
			`#`
			# - We use the `--set-home` flag to set the HOME variable appropriately.
			`#`
			`# - To reduce the default list of variables deleted by sudo, we could have`
			# used `env_delete` from /etc/sudoers. It has higher priority than the
			# `--preserve-env` flag and the `env_keep` configuration.
			`#`
			`# - We preserve PATH and PYTHONPATH explicitly. Note however that sudo`
			# resolves `${cmd[@]}` using the "secure_path" variable we modified
			`# above in /etc/sudoers.d/path. Thus PATH is irrelevant to how the above`
			# sudo command resolves the path of `${cmd[@]}`. The PATH will be relevant
			# for resolving paths of any subprocesses spawned by `${cmd[@]}`.

			`# The container didn't start as the root user, so we will have to act as the`
			`# user we started as.`
			`else`
			`# Warn about misconfiguration of: granting sudo rights`
			`if [[ "${GRANT_SUDO}" == "1" \|\| "${GRANT_SUDO}" == "yes" ]]; then`
			`_log "WARNING: container must be started as root to grant sudo permissions!"`
			`fi`

			`JOVYAN_UID="$(id -u jovyan 2>/dev/null)" # The default UID for the jovyan user`
			`JOVYAN_GID="$(id -g jovyan 2>/dev/null)" # The default GID for the jovyan user`

			`# Attempt to ensure the user uid we currently run as has a named entry in`
			`# the /etc/passwd file, as it avoids software crashing on hard assumptions`
			`# on such entry. Writing to the /etc/passwd was allowed for the root group`
			`# from the Dockerfile during build.`
			`#`
			`# ref: https://github.com/jupyter/docker-stacks/issues/552`
			`if ! whoami &> /dev/null; then`
			`_log "There is no entry in /etc/passwd for our UID=$(id -u). Attempting to fix..."`
			`if [[ -w /etc/passwd ]]; then`
			`_log "Renaming old jovyan user to nayvoj ($(id -u jovyan):$(id -g jovyan))"`

			`# We cannot use "sed --in-place" since sed tries to create a temp file in`
			`# /etc/ and we may not have write access. Apply sed on our own temp file:`
			`sed --expression="s/^jovyan:/nayvoj:/" /etc/passwd > /tmp/passwd`
			`echo "${NB_USER}:x:$(id -u):$(id -g):,,,:/home/jovyan:/bin/bash" >> /tmp/passwd`
			`cat /tmp/passwd > /etc/passwd`
			`rm /tmp/passwd`

			`_log "Added new ${NB_USER} user ($(id -u):$(id -g)). Fixed UID!"`

			`if [[ "${NB_USER}" != "jovyan" ]]; then`
			`_log "WARNING: user is ${NB_USER} but home is /home/jovyan. You must run as root to rename the home directory!"`
			`fi`
			`else`
			`_log "WARNING: unable to fix missing /etc/passwd entry because we don't have write permission. Try setting gid=0 with \"--user=$(id -u):0\"."`
			`fi`
			`fi`

			`# Warn about misconfiguration of: desired username, user id, or group id.`
			`# A misconfiguration occurs when the user modifies the default values of`
			`# NB_USER, NB_UID, or NB_GID, but we cannot update those values because we`
			`# are not root.`
			`if [[ "${NB_USER}" != "jovyan" && "${NB_USER}" != "$(id -un)" ]]; then`
			`_log "WARNING: container must be started as root to change the desired user's name with NB_USER=\"${NB_USER}\"!"`
			`fi`
			`if [[ "${NB_UID}" != "${JOVYAN_UID}" && "${NB_UID}" != "$(id -u)" ]]; then`
			`_log "WARNING: container must be started as root to change the desired user's id with NB_UID=\"${NB_UID}\"!"`
			`fi`
			`if [[ "${NB_GID}" != "${JOVYAN_GID}" && "${NB_GID}" != "$(id -g)" ]]; then`
			`_log "WARNING: container must be started as root to change the desired user's group id with NB_GID=\"${NB_GID}\"!"`
			`fi`

			`# Warn if the user isn't able to write files to ${HOME}`
			`if [[ ! -w /home/jovyan ]]; then`
			`_log "WARNING: no write access to /home/jovyan. Try starting the container with group 'users' (100), e.g. using \"--group-add=users\"."`
			`fi`

			`# NOTE: This hook is run as the user we started the container as!`
			`run-hooks /usr/local/bin/before-notebook.d`
			`unset_explicit_env_vars`
			`_log "Executing the command:" "${cmd[@]}"`
			`exec "${cmd[@]}"`
			`fi`