Hi everyone,
For lab testing purpose, I am using a container with multiple applications installed.
From interactive console, I need to run on demand applications when needed, some of them doesn’t run with root user.
I can create a non-root user + password then switch to it and run the app. but I cannot get back to root user, it requires a password!!
Can I switch back and forth between root and non-root users? Or maybe only launch the application from the prompt with non-root user?
I use a combination of docker run
and docker exec
to enter containers with different UID’s:
$ docker run --rm -it --name test --user 1000 debian bash
I have no name!@0015685b2b6d:/$ whoami
whoami: cannot find name for user ID 1000
and in another terminal:
$ exit
sven@t440s:~/src/hub2-demo$ docker exec -it --user root test bash
root@0015685b2b6d:/#
Solved the issue as follow
- From withib the interactive console:
su -c “process” -s /bin/sh
- Concretely my case concerns “VideoLAN” application:
su -c “vls” -s /bin/sh vlc &
Priorly added instruction to create the user and set the apprpriate ownership in Dockerfile and rebuild it:
ENV HOME /home/vlc
RUN useradd --create-home --home-dir $HOME vlc
&& chown -R vlc:vlc $HOME
&& chown -R vlc:vlc /media
&& usermod -a -G audio,video vlc
References:
ht tps://registry.hub.docker.com/u/jess/vlc/dockerfile/
ht tp://serverfault.com/questions/351046/run-script-as-user-who-has-nologin-shell#
Hi,
As u mentioned, “docker run --rm -it --name test --user 1000 debian bash” after running this command.
I have no name!@0015685b2b6d:/$ whoami
whoami: cannot find name for user ID 1000
Instead of this, i want to user name in the “I have no name!” section.
Like
username@@0015685b2b6d:/$ whoami
username
How this is possible. Please help me.
Sorry for the late reply.
Just for the record:
This can be done by creating the user when building the image from a docker file, for example:
cat dockerfiletest
FROM ubuntu
RUN useradd me
build your image
docker build -t testcontainer -f dockerfiletest .
docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
testcontainer latest 5e4fb8e507b2 15 minutes ago 188.3 MB
Now you can run your container with an existing user
$ docker run --user=“me” -it testcontainer /bin/bash
me@eba1ec6e6de3:/$ whoami
me@eba1ec6e6de3:/$me
me@eba1ec6e6de3:/$ id me
uid=1000(me) gid=1000(me) groups=1000(me)
me@eba1ec6e6de3:/$
Or you can add
USER me
at the end of the docker file so you can start with the non-root user “me” by default.