Menu
As the title says, I'm having trouble running Firefox in headless mode inside a Docker container as a non-root user. Consider the following Dockerfile, built with docker build -t firefox .
FROM python:3.8-buster
RUN apt-get update -qq \
&& apt-get install -qy \
libappindicator1 \
libasound2 \
libatk1.0-0 \
libc6 \
libcairo2 \
libcups2 \
libdbus-1-3 \
libexpat1 \
libfontconfig1 \
libgbm-dev \
libgcc1 \
libgconf-2-4 \
libgdk-pixbuf2.0-0 \
libglib2.0-0 \
libgtk-3-0 \
libnspr4 \
libnss3 \
libpango-1.0-0 \
libpangocairo-1.0-0 \
libpci-dev \
libstdc++6 \
libx11-6 \
libx11-xcb1 \
libxcb1 \
libxcomposite1 \
libxcursor1 \
libxdamage1 \
libxext6 \
libxfixes3 \
libxi6 \
libxrandr2 \
libxrender1 \
libxss1 \
libxtst6 \
xdg-utils \
nano
RUN wget https://download-installer.cdn.mozilla.net/pub/firefox/releases/85.0.2/linux-x86_64/en-US/firefox-85.0.2.tar.bz2 -O /firefox.tar.bz2
RUN tar -xf /firefox.tar.bz2 --directory /
WORKDIR /firefox
RUN ./firefox -CreateProfile "headless /profile-headless" -headless
RUN chmod -Rf 777 /firefox && chmod -Rf 777 /profile-headless
cmd ["./firefox", "-profile", "/profile-headless", "-headless", "--screenshot", "https://example.org"]
If I run a container as root, all is good and the process finishes (a few warnings appear, but it works overall):
$ docker run --rm firefox
*** You are running in headless mode.
[GFX1-]: glxtest: Unable to open a connection to the X server
[GFX1-]: glxtest: libEGL missing
$
However, if I run it as a different user, the same output appears, but the process hangs.
$ docker run --rm --user=1001 firefox
*** You are running in headless mode.
[GFX1-]: glxtest: Unable to open a connection to the X server
[GFX1-]: glxtest: libEGL missing
I tried assigning 777 permissions to both the directory that holds the binaries (/firefox) and the profile one (profile-headless), that doesn't seem to work.
Probably some dependencies are not necessary, I just didn't want to spend time on that while I have bigger issues.
As a note, I initially encountered this while trying to run playwright-python inside Docker as non-root. The Chromium browser works just fine, but Firefox fails to initialize and playwright ends up throwing a timeout error. I dug deeper and realized that standalone Firefox was failing for me as well.
I suppose I must be missing some configuration, env variables or such. Any help would be much appreciated, thanks in advance!
346
Rootless mode allows running the Docker daemon and containers as a non-root user to mitigate potential vulnerabilities in the daemon and the container runtime. Rootless mode does not require root privileges even during the installation of the Docker daemon, as long as the prerequisites are met.
You can try to run Docker Containers as a Non Root User by adding Users to the Docker Group. If there is no Docker group, you can always create one. You can create a Docker Group using the following command. After you have created the Docker Group, you can now add Non Root Users using the following command.
Playwright does use its own version of Firefox and WebKit. For that a specific Playwright build is required so the normal Firefox or Safari can't be used there which you are trying to install via apt.
In your scenario, you are probably looking for the command to automatically install the dependencies, which can get done by executing npx playwright install-deps, see here for reference.
Besides that it's recommended to use official Docker image, which is tested for every release and ensured that it contains all the necessary dependencies to run Playwright with all its features.
108
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
