Docker Community Forums

Share and learn in the Docker community.

Beginner: running as non-root and volumnes

build

(Henrikl) #1

This is a novice question but I am staring myself blind. I am trying to build an image that uses “USER” to run the software as non-root and has a volume to store data to outlive the container

my docker file looks like this
RUN useradd -r -u 200 -m -c “nexus role account” -d /opt/nexus -s /bin/false nexus
USER nexus
RUN … install nexus to /opt/nexus

VOLUME /opt/nexus/data
CMD nexus-start.sh

However when I run the container /opt/nexus/data is owned by root:root so my nexus program cannot write data to it…

I have tried various things

  • chown the data directory to nexus:nexus
  • move the VOLUME to different places in the Dockerfile
  • I have tried creating a named volume with driver options of setting --opt o=uid=200 but that fails with missing device in options and I haven’t found the right value to supply for that

I know I am properly doing something basic wrong, but what?


(Jeff Anderson) #2

Try adding RUN mkdir /opt/nexus/data && chown nexus /opt/nexus/data right above your VOLUME directive.