I have been attempting to get a httpd container running as non-root and I can build the container but it will not start I do need to be running on port 80 to run the webserver. Any one who has tackled this iss please give me an Idea how you did it. Below is my Dockerfile

FROM centos

RUN yum -y update &&
yum -y install httpd &&
yum clean all &&
bash -c ‘echo “This mcoe webserver works!” >> /var/www/html/index.html’

ENV LC_ALL en_US.UTF-8
ENV LANG=en_US.UTF-8

COPY --chown=apache:apache httpd.conf /etc/httpd/conf/

RUN setcap ‘cap_net_bind_service=+ep’ /usr/sbin/httpd
RUN getcap /usr/sbin/httpd

HEALTHCHECK --interval=60s --timeout=30s CMD nc-zv http://localhost:80 || exit 1

USER apache

EXPOSE 80

ENTRYPOINT ["/usr/sbin/httpd"]
CMD ["-D ", “FOREGROUND”]

Thanks all

you cannot use port 80 if running as non-root. It cannot open the socket below 1024 , I guess, for non-root.
FAcing same issues. In docker compose, it is easy to redirect port 8080 to 80.

But setcap is supposed to be able to run the service, isn’t it?
According to this tutorial How to bind tcp|udp ports below 1024 with non-root account|privilege | Tekfik, why doesn’t it work then?

What does RUN getcap /usr/sbin/httpd give?
But I belive you also need the " i " flag to make it work for processes spawned from main pid.

Also please provide what error you get.