docker-conanexiles icon indicating copy to clipboard operation
docker-conanexiles copied to clipboard

Published 20 hours ago verified publisher icon alinmear

Run as non-root ?

Open drphlux opened this issue 7 years ago • 3 comments

I love this image, but I would like to ask how I can run it as non-root?

drphlux avatar May 13 '18 08:05 drphlux

We are talking about running the supervisord process within the container as unpriviledged user, right?

alinmear avatar May 15 '18 15:05 alinmear

We are talking about running the supervisord process within the container as unpriviledged user, right?

Exactly. My knowledge with supervisord is limited.

drphlux avatar May 25 '18 14:05 drphlux

Should be possible by adding the "user=xxxx" argument to each program in conanexiles.conf - http://supervisord.org/configuration.html#program-x-section-values (find the user subsection).

Otherwise apps such as gosu & su-exec can be used to step-down to a non-privileged user.

I have not done any testing so far so there are probably some kinks that needs to ironed out.

TBK avatar Dec 27 '18 08:12 TBK