TECH BASICS, CODEX

Docker: Running Linux Container with a Non-Root user

Photo by Justus Menke on Unsplash

Part-1: Linux Container as a Process

Modern DevOps cycles are constantly evolving and we should thank containers for this. The concept of Container took birth under the Linux Operating System. A Linux Container is a process that is isolated from the rest of the system. As I said it is a process then it will have a process id (PID) and will be associated with a particular user and group account. This is the basic concept of the Linux OS process.

Part-2: Running a Docker Container

By default, containers run as a root in Docker. If you want to start your container process as a non-root user then you must specify it in Dockerfile. The process which is running as a root inside the container is root on the host itself.

I will explain this with an example. Let's run a Ubuntu Linux container with a bash process.

arun@controller:~$ sudo docker run -it ubuntu bash
Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
83ee3a23efb7: Already exists 
db98fc6f11f0: Already exists 
f611acd52c6c: Already exists 
Digest: sha256:703218c0465075f4425e58fac086e09e1de5c340b12976ab9eb8ad26615c3715
Status: Downloaded newer image for ubuntu:latest…