Running a process within a container with specific user for a container with non root user

Hi All,

I have an Ubuntu image which has an IBM MQ product installed (upon installation this product automatically creates a user and group "mqm"; all IBM MQ processes run with this user).

I am running a container with a non-root user (say ubuntu) and giving this non-root user permission to sudo to mqm.

Dockerfile:

```dockerfile
FROM mqinstalledubuntu:v1
RUN groupadd -r ubuntu && \
    useradd -r -g ubuntu -ms /sbin/nologin ubuntu && \
    mkdir -p /etc/sudoers.d && \
    touch /etc/sudoers.d/ubuntu && \
    echo "ubuntu ALL=(ALL) NOPASSWD:/bin/su - mqm" >/etc/sudoers.d/ubuntu && \
    chmod 440 /etc/sudoers.d/ubuntu
COPY *.sh /usr/local/bin
COPY *.mqsc /usr/local/bin
RUN chmod +x /usr/local/bin/*.sh
RUN chmod +x /usr/local/bin/*.mqsc
USER ubuntu
ENTRYPOINT ["/usr/local/bin/mq.sh"]
```

Finally, through the entrypoint script I am executing some MQ-specific commands via the mqm user. However, every time I run the container it asks for the ubuntu password :slight_smile:

MQ.sh

```bash
#!/bin/bash
set -e
sudo -u mqm 'crtmqm TEST'
sudo -u mqm 'strmqm TEST'
sudo -u mqm 'runmqsc TEST < /usr/local/bin/createmqobj.mqsc'
exec "$@"
```

Running Container:

```
ubuntu@ip-172-31-47-155:~/last$ docker run -it 373c34a9d82c
[sudo] password for ubuntu:
```

Can we override the requirement of a password and directly execute the MQ-related commands somehow?

Thanks
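
Added example (not part of the original post, and not IBM's or Docker's own code): the posted rule grants NOPASSWD only for `/bin/su - mqm`, so the `sudo -u mqm ...` calls in the entrypoint match no passwordless entry and sudo asks for a password. The Dockerfile below narrows the rule to the three MQ commands run as mqm and calls them by full path. Assumptions: MQ's default install prefix `/opt/mqm`, sudo already present in the base image, a BuildKit builder (for the `COPY <<EOF` heredocs), and the entrypoint script inlined here so the example is self-contained.

```dockerfile
# syntax=docker/dockerfile:1
# Added example. /opt/mqm/bin is an assumed install path; adjust to the image.
FROM mqinstalledubuntu:v1

RUN groupadd -r ubuntu && \
    useradd -r -g ubuntu -ms /sbin/nologin ubuntu

# Runas list is (mqm) only, so ubuntu cannot use this rule to become root.
# Commands are given by full path; with no arguments listed in the rule,
# any arguments are accepted for that command.
COPY <<'EOF' /etc/sudoers.d/ubuntu
ubuntu ALL=(mqm) NOPASSWD: /opt/mqm/bin/crtmqm, /opt/mqm/bin/strmqm, /opt/mqm/bin/runmqsc
EOF

# Fail the build if the drop-in has a syntax or permission problem.
RUN chmod 440 /etc/sudoers.d/ubuntu && \
    visudo -cf /etc/sudoers.d/ubuntu

COPY createmqobj.mqsc /usr/local/bin/

# Each sudo call names the target user and one allowed binary as separate
# arguments. -n makes sudo exit with an error instead of prompting if the
# rule does not match. The stdin redirect is opened by the calling shell
# (user ubuntu), so the .mqsc file must be readable by ubuntu.
COPY --chmod=755 <<'EOF' /usr/local/bin/mq.sh
#!/bin/bash
set -e
sudo -n -u mqm /opt/mqm/bin/crtmqm TEST
sudo -n -u mqm /opt/mqm/bin/strmqm TEST
sudo -n -u mqm /opt/mqm/bin/runmqsc TEST < /usr/local/bin/createmqobj.mqsc
exec "$@"
EOF

USER ubuntu
ENTRYPOINT ["/usr/local/bin/mq.sh"]
```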