Docker: Running Linux Container with a Non-Root user

Arun Kumar Singh
Feb 28 · 5 min read

Part-1: Linux Container as a Process

Part-2: Running a Docker Container

arun@controller:~$ sudo docker run -it ubuntu bash
Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
83ee3a23efb7: Already exists
db98fc6f11f0: Already exists
f611acd52c6c: Already exists
Digest: sha256:703218c0465075f4425e58fac086e09e1de5c340b12976ab9eb8ad26615c3715
Status: Downloaded newer image for ubuntu:latest
root@27e9f62a1021:/# whoami
Ubuntu Container
arun@controller:~$ ps -ef  | grep ubuntu
root 3245 2669 0 18:27 pts/0 00:00:00 sudo docker run -it ubuntu bash
root 3247 3245 0 18:27 pts/0 00:00:00 docker run -it ubuntu bash

arun@controller:~$ ps -ef | grep 27e9
root 3289 1 0 18:27 ? 00:00:00 /usr/bin/containerd-shim-runc-v2 -namespace moby -id 27e9f62a10215ae0584b7131c03672817987b547c8440bd762f37d9c4f826ef5 -address /run/containerd/containerd.sock

Part-3: Rootless Containers

Part-4: Can I run Rootless Docker?

Part-5: Pre rootless Docker era (Overriding user at runtime)

arun@controller:~$ sudo docker run --rm -it -u $(id -u ${USER}):$(id -g ${USER}) ubuntu bash 
groups: cannot find name for group ID 1000
I have no name!@186e2848baf1:/$ whoami
whoami: cannot find name for user ID 1000
I have no name!@186e2848baf1:/$ id
uid=1000 gid=1000 groups=1000


Everything connected with Code & Tech!

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store