DockerFile - USER

Card Puncher Data Processing

About

The USER instruction in a Dockerfile will set the user and the group running the next instructions.

It determines the user will execute commands both during the image build process and when running the container. By default, if no USER is specified, Docker will run commands as the root user.

Note

When a image will be running, the last USER instruction define the user that will runs the image.

Generally, the user is always root and have all permissions. Introducing another user may occurs permissions and accessiblity error. You should run a container under another user than root when it's not possible otherwise.

Default

By default Docker containers will run as UID 0, or root.

Permissions Problem

And it will not match the UID/GID of the user account executing the docker command on the host. You may end up then creating files and directory with only root as permissions.

Example

Below, we are creating a new user called notroot and add it to the sudoers

ENV PLAY_USER notroot
RUN echo "==> Add user and group $PLAY_USER ..."  && \
    useradd --create-home --user-group $PLAY_USER && \
    echo "==> Sudo conf: Nothing"  && \
    echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers && \
    echo "Add the user to the sudoers group" && \
    usermod -a -G sudo $PLAY_USER





Discover More
Card Puncher Data Processing
DockerFile - Instruction

Basis Image: Tool installation (note: the package are sorted in alphabetical order) More ... Defines argument that can be passed by the build command line ...



Share this page:
Follow us:
Task Runner