docker’s userns-remap feature allows us to use a default dockremap user. In this scenario, docker engine creates the user dockremap on the host and maps the root user inside a container to this user. For this user, docker also needs to have entries on the host’s /etc/subuid and /etc/subgid files.

docker-user-remap.sh

#!/bin/bash

###############################################################
# Docker userns-remap and system users on Linux
###############################################################


groupadd -g 500000 dockremap && 
groupadd -g 501000 dockremap-user && 
useradd -u 500000 -g dockremap -s /bin/false dockremap && 
useradd -u 501000 -g dockremap-user -s /bin/false dockremap-user

echo "dockremap:500000:65536" >> /etc/subuid && 
echo "dockremap:500000:65536" >>/etc/subgid

echo "
  {
   \"userns-remap\": \"default\"
  }
" > /etc/docker/daemon.json

systemctl daemon-reload && systemctl restart docker