How to run an nginx container as non root?
11,570
Solution 1
Use the rootless docker-imager from nginx.
Image
nginxinc/nginx-unprivileged
DockerHub
https://hub.docker.com/r/nginxinc/nginx-unprivileged
GitHub
https://github.com/nginxinc/docker-nginx-unprivileged
Solution 2
You can remove (or comment) the user
directive at the top of your nginx.conf
file.
This directive is relevant when you run nginx as root
. It defines the user possessing the pid of your nginx subprocesses.
When you don't run nginx as root
this directive is irrelevant, your nginx subprocesses run with your current user.
Author by
Anonymous
Updated on July 27, 2022Comments
-
Anonymous almost 2 years
Every time I try to run the container as non root, I get the following error:
the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:2
Dockerfile:
FROM nginx:1.17.6 RUN chown -R nginx:nginx /var/cache/nginx && \ chown -R nginx:nginx /var/log/nginx && \ chown -R nginx:nginx /etc/nginx/conf.d RUN chmod -R 777 /etc/nginx/conf.d USER nginx COPY app/build /usr/share/nginx/html RUN rm /etc/nginx/conf.d/default.conf COPY nginx/nginx.conf /etc/nginx/conf.d CMD ["nginx","-g","daemon off;"]
-
akop over 3 yearsI don't know why, but nginx has two official repos. The unprivileged image on GitHub was posted by the official nginx-GitHub.
-
burns0907 over 2 yearshow can i change the default nginx user to my own user? I can't do addgroup or adduser on top of this?
-
akop over 2 yearsYou can do it in the Dockerfile with the USER-keyword.
-
burns0907 over 2 yearsit throws an error saying only root can add another user. sudo doesn't work and su asks for password
-
akop over 2 yearsOpen a new question, then I can give you an example. :)
-
Sujit.Warrier about 2 yearsThis image has thorws up erros during trivy analysis, is there any alternative?
-
akop about 2 yearsPerhaps you want to open a new question about the errors. An alternative: Build an image yourself like Michée describes in his answer.