I'm new to docker. When I run a docker image like the ubuntu image by using the command,
sudo docker run -i -t ubuntu:14.04
By default, it is entering into the container as root like this.
I searched regarding this, but I couldn't find anything on how to start a docker image as a non-root user, as I'm a complete beginner on this topic.
It would be great if someone explains with an example of how to run a docker image as a non root user.
Rootless mode allows running the Docker daemon and containers as a non-root user to mitigate potential vulnerabilities in the daemon and the container runtime. Rootless mode does not require root privileges even during the installation of the Docker daemon, as long as the prerequisites are met.
For docker run: Simply add the option --user <user> to change to another user when you start the docker container. For docker attach or docker exec: Since the command is used to attach/execute into the existing process, it uses the current user there directly.
As an alternative, we can also access the Docker container as root. In this case, we'll use the nsenter command to access the Docker container. To use the nsenter command, we must know the PID of the running container. This allows us to access the Docker container as a root user and run any command to access any file.
The docker run command has the -u parameter to allow you to specify a different user. In your case, and assuming you have a user named foo in your docker image, you could run:
sudo docker run -i -t -u foo ubuntu:14.04 /bin/bash
NOTE: The -u parameter is the equivalent of the USER instruction for Dockerfile.
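An added example (not code from any of the answers on this page): a POSIX shell wrapper around the --user option described above that starts a container under the calling host user's numeric UID:GID, refuses UID 0, and checks whether an image defaults to root. DOCKER, RUN_UID, RUN_GID and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: start containers as a non-root user with `docker run --user`.
# DOCKER, RUN_UID, RUN_GID and the function names are made up for this example.
DOCKER=${DOCKER:-docker}

# Print the UID:GID to run as: the invoking host user unless RUN_UID/RUN_GID
# override it. Fails for UID 0 or a non-numeric value.
nonroot_user_spec() {
    uid=${RUN_UID:-$(id -u)}
    gid=${RUN_GID:-$(id -g)}
    for n in "$uid" "$gid"; do
        case "$n" in
            ''|*[!0-9]*) echo "uid/gid must be numeric: '$n'" >&2; return 1 ;;
        esac
    done
    if [ "$uid" -eq 0 ]; then
        echo "refusing to start the container as root (UID 0)" >&2
        return 1
    fi
    printf '%s:%s\n' "$uid" "$gid"
}

# docker run [OPTIONS] IMAGE [CMD...] as that user. A numeric UID:GID needs no
# entry in the image's /etc/passwd (unlike `-u foo`); the shell prompt then
# shows "I have no name!" because the UID has no name inside the container.
run_nonroot() {
    spec=$(nonroot_user_spec) || return 1
    "$DOCKER" run --rm --user "$spec" "$@"
}

# Exit status 0 if IMAGE started without --user runs as root, 1 if it already
# switches to another user (USER in its Dockerfile), 2 if docker itself failed.
image_defaults_to_root() {
    got=$("$DOCKER" run --rm "$1" id -u) || return 2
    [ "$got" = 0 ]
}

# Usage: run_nonroot -i -t ubuntu:14.04 /bin/bash
```

Files written to a bind-mounted host directory from a container started this way are owned by the host user rather than by root.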
This is admittedly hacky, but good for those quick little containers you start just to test something quickly:
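#!/bin/bash
set -eu
NAME=$1
IMG=$2
# UID is a read-only variable that bash already sets, so it is not reassigned.
#UID=$(id -u)
USER=$(id -un)
GID=$(id -g)
GROUP=$(id -gn)
# -i -t keep /bin/bash (and so the container) running so that docker exec can reach it.
docker run -d -i -t -v /tmp:/tmp -v "/home/$USER:/home/$USER" -h "$NAME" --name "$NAME" "$IMG" /bin/bash
# Create a group and user inside the container that match the host user.
docker exec "$NAME" /bin/bash -c "groupadd -g $GID $GROUP && useradd -M -s /bin/bash -g $GID -u $UID $USER"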
Full version of the script I use here:
https://github.com/ericcurtin/staging/blob/master/d-run
udocker is a basic variant of docker which runs in user space:
udocker is a basic user tool to execute simple docker containers in user space without requiring root privileges. Enables download and execution of docker containers by non-privileged users in Linux systems where docker is not available. It can be used to pull and execute docker containers in Linux batch systems and interactive clusters that are managed by other entities such as grid infrastructures or externally managed batch or interactive systems.