Skip to content

Instantly share code, notes, and snippets.

@avishayp
Created September 25, 2018 19:24
Show Gist options
  • Save avishayp/df44d9535c17e97bf697194c47627e64 to your computer and use it in GitHub Desktop.
Save avishayp/df44d9535c17e97bf697194c47627e64 to your computer and use it in GitHub Desktop.
Add non-root user for debian
# non root user example for debian
#
# usage:
# $ docker build --build-arg "USER=someuser" --tag test .
# $ docker run --rm test
FROM debian:stretch
ARG USER=default
ENV HOME /home/$USER
# install sudo as root
RUN apt-get update \
&& apt-get install -y sudo
# add new user
RUN adduser --disabled-password --gecos "" $USER \
&& echo "$USER ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/$USER \
&& chmod 0440 /etc/sudoers.d/$USER
USER $USER
WORKDIR $HOME
# files in /home/$USER to be owned by $USER
# docker has --chown flag for COPY, but it does not expand ENV so we fallback to:
# COPY src src
# RUN sudo chown -R $USER:$USER $HOME
CMD echo "User $(whoami) running from $PWD with premissions: $(sudo -l)"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment