zot [Feat]: Dockerfile: should run as non-root

[Feat]: Dockerfile: should run as non-root

Open erikschul opened this issue 2 years ago • 4 comments

trafficstars

Is your feature request related to a problem? Please describe.

The Dockerfile defaults to running as root. Directory /var/lib/registry/ is not writeable for non-root users.

Describe the solution you'd like

Dockerfile should create directories that are writable by other users, such that the container can be run with any uid.

Describe alternatives you've considered

No response

Additional context

No response

Sep 05 '23 09:09 erikschul

@erikschul could you elaborate on what you were trying to do?

Sep 05 '23 16:09 rchincha

I'm trying to run in Kubernetes with a non-root user, but I get permission denied errors. I think I solved it by using /zot/ instead, but now I'm experiencing an infinite loop. So I'll probably just try to build my own image instead. https://github.com/project-zot/zot/issues/1764

Sep 05 '23 17:09 erikschul

Example dockerfile: https://github.com/docker-library/postgres/blob/master/Dockerfile-debian.template

useradd
chmod

Sep 05 '23 17:09 erikschul

@erikschul I solved this by mounting an emptydir at /var/lib/registry but requires my chane here. https://github.com/project-zot/helm-charts/pull/26

Nov 02 '23 14:11 ericgraf

zot zot copied to clipboard

[Feat]: Dockerfile: should run as non-root

Is your feature request related to a problem? Please describe.

Describe the solution you'd like

Describe alternatives you've considered

Additional context

zot
zot copied to clipboard