It will also create auser group with the same name. The above will create a user called app with UID 5000. The method to create a user varies by Linux distribution.For Debian we can use useradd, e.g.: Many Linuxdistributions provide an /etc/os-release file with this information. First, wewant to figure out what Linux distribution this image uses. Lets create a Dockerfile based on this image, and add our own user. The default, when there is no user, is to run as the root user. Scrolling back, you should see that this image is not configured with any user: To start, we will be working with one of the more popular images, nginx. It actually binds to a Unix socket instead of a TCP port. However, running an application with Docker means that you have to run the Docker Daemon with root privileges. Run Docker Without Sudo Centos In most cases, you will only interact with the Docker CLI. You need to use sudo because the process is owned by the Docker daemon user and you otherwise won’t be able to see its name or PID. Verify which process is bound to port 80, using the netstat command. Run curl as a non-priveleged user and if you need superuser access to do something with whatever you've fetched, do that. This is highly ill-advised as a general rule - you don't need to be 'root' to run curl to pull something from a remote host. First, I would suggest you look long and hard at why you need to sudo curl in the first place. If you don’t want to preface the docker command with sudo, create a Unixgroup called docker and add users to it. The Docker daemon always runs as the root user. By defaultthat Unix socket is owned by the user root and other users can only access itusing sudo. The Docker daemon binds to a Unix socket instead of a TCP port. You can now check that the default user and the group have now changed to the one we created in the Dockerfile using the id command. Sudo docker run -it user-demo bash Step 4: Verify the output.
Use the Docker Run command to run the Container.
This exercise will walk you through some of thesteps needed to run containers without root. However for security, it’s recommended to run ourcontainers as a non-root user. Thismakes them very convenient for developers looking to get started quickly withthe fewest complications. Docker Hub has lots of popular images that are configured to run as root.