docker-lamp
docker-lamp copied to clipboard
mattrayner
[Question] Container running as non-root?
Hi, can the container run as a non-root user? For example, at the end of the Dockerfile, could I add:
RUN useradd -m myuser
USER myuser
before the "CMD" line
And MySQL would run fine? Or will the container complain about not having root?
Hi, it can definitely be configured to run as non root but I think it would be more invoked than this
The image was only really intended for local development so I haven’t put any thought into hardening it in any way
If you wanted to make the change and open a pull request it’s certainly something I would merge :-)
Thanks
On Mon, 13 Apr 2020 at 02:02, GuyMight44 [email protected] wrote:
Hi, can the container run as a non-root user? For example, at the end of the Dockerfile, could I add: RUN useradd -m myuser USER myuser before the "CMD" line
And MySQL would run fine? Or will the container complain about not having root?
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/mattrayner/docker-lamp/issues/87, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA2XGNQUXA34KC5NHXCVM4LRMJQAZANCNFSM4MGUE4SQ .
-- Matt Rayner http://www.mattrayner.co.uk/
Hi, there is a reason I wanted to see if I can run as root.
I am trying to build a dockerfile for Heroku but there are some restrictions as Heroku does not allow containers to run as root. https://devcenter.heroku.com/articles/container-registry-and-runtime#testing-an-image-locally
Thing is, I dont know how to modify mysql to work under non-root conditions if its even possible. I understand this is for local development but I was hoping maybe there would be a way since it would help me develop locally then I could push the image to Heroku