Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Connect to docker container as user other than root

Tags:

docker

root

containers

BY default when you run

docker run -it [myimage]

OR

docker attach [mycontainer]

you connect to the terminal as root user, but I would like to connect as a different user. Is this possible?

like image 658
Andy59469 Avatar asked Mar 01 '16 22:03

Andy59469

People also ask

How do I run a docker container as a different user?

Running Commands as a Different User in a Docker Container To run a command as a different user inside your container, add the --user flag: docker exec --user guest container-name whoami.

How do I login as docker as a root user?

As an alternative, we can also access the Docker container as root. In this case, we'll use the nsenter command to access the Docker container. To use the nsenter command, we must know the PID of the running container. This allows us to access the Docker container as a root user and run any command to access any file.

Do you need root for docker?

Rootless mode allows running the Docker daemon and containers as a non-root user to mitigate potential vulnerabilities in the daemon and the container runtime. Rootless mode does not require root privileges even during the installation of the Docker daemon, as long as the prerequisites are met.

How do I run a user as container?

For docker run : Simply add the option --user <user> to change to another user when you start the docker container. For docker attach or docker exec : Since the command is used to attach/execute into the existing process, therefore it uses the current user there directly.

2 Answers

For docker run:

Simply add the option --user <user> to change to another user when you start the docker container.

docker run -it --user nobody busybox

For docker attach or docker exec:

Since the command is used to attach/execute into the existing process, therefore it uses the current user there directly. 

docker run -it busybox  # CTRL-P/Q to quit docker attach <container id>  # then you have root user / # id uid=0(root) gid=0(root) groups=10(wheel)  docker run -it --user nobody busybox # CTRL-P/Q to quit docker attach <container id>   / $ id uid=99(nobody) gid=99(nogroup)

If you really want to attach to the user you want to have, then

  1. start with that user run --user <user> or mention it in your Dockerfile using USER
  2. change the user using `su
like image 160
Larry Cai Avatar answered Sep 30 '22 20:09

Larry Cai

You can run a shell in a running docker container using a command like:

docker exec -it --user root <container id> /bin/bash

like image 26
Jason Avatar answered Sep 30 '22 19:09

Jason
Sign in to Comment

Related questions

Docker container logs taking all my disk space
Validating docker-compose yml file
Can we pass ENV variables through cmd line while building a docker image through dockerfile?
Using docker-compose with CI - how to deal with exit codes and daemonized linked containers?
How can I wait for a docker container to be up and running?
How to communicate between Docker containers via "hostname"
What is the meaning of ImagePullBackOff status on a Kubernetes pod?
why doesn't chown work in Dockerfile?
How to run wget inside Ubuntu Docker image?
"docker cp" all files from a folder to existing container folder
Kubernetes: how to set VolumeMount user group and file permissions
Docker: Using --password via the CLI is insecure. Use --password-stdin
How to copy file from host to container using Dockerfile
what is the point of using pm2 and docker together?
How can I set Bash aliases for docker containers in Dockerfile?
How to list the content of a named volume in docker 1.9+?
Can't run Curl command inside my Docker Container
What is the alternative to condition form of depends_on in docker-compose Version 3?
Docker Compose does not allow to use local images
docker-compose creating multiple instances for the same image

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!