Understanding how uid and gid work in Docker containers
Marc Campbell
1.2K14

Thanks for this article. It was very helpful. In the ‘What this means’ section, item 2) you wrote:

The better solution is to start containers with a known uid using the--user(you can use a username also, but remember that it’s just a friendlier way of providing a uid from the host’s username system)

An interesting case is when the username exists both on the host and in the image. (The docker-hub rabbitmq image which creates that username, for example.) Then, with ‘docker run …—user rabbitmq …’ gets resolved to the container’s uid for that username, not the host’s. Of course, ‘ — user <host uid>’ works as expected.

Reference https://docs.docker.com/engine/reference/run/#user hints at this:

USER

root (id = 0) is the default user within a container. The image developer can create additional users. Those users are accessible by name.

Thanks again for your post.

Like what you read? Give Mike Cannon a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.