Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Changed the root user to a non-root user #16

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Changed the root user to a non-root user #16

wants to merge 2 commits into from

Conversation

kanekoh
Copy link

@kanekoh kanekoh commented Jan 7, 2020

Changes as follows:

  • Give permissions to the root group
  • Set USER as 1001 (non-root user)

I confirmed the container works with restricted SCC on an OpenShift environment.

#15

@aadrian
Copy link
Member

aadrian commented Jan 7, 2020

@kanekoh I'm not sure that hardcoding UID 1001 is a very good idea, since the mounted volumes from the host system will have now a "random" owner with UID 1001 .

@kanekoh
Copy link
Author

kanekoh commented Apr 24, 2020
edited
Loading

@aadrian I understand that hardcoding UID is not good idea.

Which of these methods is closer to your thought?

  1. No define "USER" instruction in Dockerfile
    As a default with docker-daemon, it works as a root uid container. However, a user can execute the container as non-root user with the parameter '-u'.

  2. Use "ARG" instruction and set default value to define USERID in Dockerfile
    When the container image build with docker command, specify USERID with --build-arg. So, a user can change UID easily.

...
ARG USERID=1001
...
USER ${USERID}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kanekoh @aadrian