Created
September 25, 2018 19:24
-
-
Save avishayp/df44d9535c17e97bf697194c47627e64 to your computer and use it in GitHub Desktop.
Add non-root user for debian
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# non root user example for debian | |
# | |
# usage: | |
# $ docker build --build-arg "USER=someuser" --tag test . | |
# $ docker run --rm test | |
FROM debian:stretch | |
ARG USER=default | |
ENV HOME /home/$USER | |
# install sudo as root | |
RUN apt-get update \ | |
&& apt-get install -y sudo | |
# add new user | |
RUN adduser --disabled-password --gecos "" $USER \ | |
&& echo "$USER ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/$USER \ | |
&& chmod 0440 /etc/sudoers.d/$USER | |
USER $USER | |
WORKDIR $HOME | |
# files in /home/$USER to be owned by $USER | |
# docker has --chown flag for COPY, but it does not expand ENV so we fallback to: | |
# COPY src src | |
# RUN sudo chown -R $USER:$USER $HOME | |
CMD echo "User $(whoami) running from $PWD with premissions: $(sudo -l)" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment