docker-library
/
docs
mirror of https://github.com/docker-library/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add a new section in the PHP documentation about running as an arbitrary user 

This is adapated from what's discussed in https://github.com/docker-library/wordpress/pull/249 (and https://github.com/docker-library/wordpress/issues/256, among others).
This commit is contained in:
Tianon Gravi 2018-05-08 10:53:25 -07:00
parent 544a48aa7f
commit 27d9b1829c
4 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
drupal/content.md
View File

@ -96,3 +96,7 @@ The following Docker Hub features can help with the task of keeping your depende
- [Automated Builds](https://docs.docker.com/docker-hub/builds/) let Docker Hub automatically build your Dockerfile each time you push changes to it.
- [Repository Links](https://docs.docker.com/docker-hub/builds/#repository-links) can ensure that your image is also rebuilt any time `%%REPO%%` is updated.
## Running as an arbitrary user
See [the "Running as an arbitrary user" section of the `php` image documentation](https://hub.docker.com/_/php/).

4
owncloud/content.md
View File

@ -47,3 +47,7 @@ $ docker exec -u www-data some-owncloud php occ status
## %%STACK%%
Run `docker stack deploy -c stack.yml %%REPO%%` (or `docker-compose -f stack.yml up`), wait for it to initialize completely, and visit `http://swarm-ip:8080/`, `http://localhost:8080/`, or `http://host-ip:8080` (as appropriate).
## Running as an arbitrary user
See [the "Running as an arbitrary user" section of the `php` image documentation](https://hub.docker.com/_/php/).

10
php/content.md
View File

@ -178,6 +178,16 @@ RUN curl -fsSL 'https://xcache.lighttpd.net/pub/Releases/3.2.0/xcache-3.2.0.tar.
&& rm -r /tmp/xcache
```
## Running as an arbitrary user
For running the FPM variants as an arbitrary user, the `--user` flag to `docker run` should be used (which can accept both a username/group in the container's `/etc/passwd` file like `--user daemon` or a specific UID/GID like `--user 1000:1000`).
For running the Apache variants as an arbitrary user, there are several choices:
- If your kernel [is version 4.11 or newer](https://github.com/moby/moby/issues/8460#issuecomment-312459310), you can add `--sysctl net.ipv4.ip_unprivileged_port_start=0` and then `--user` should work as it does for FPM.
- If you adjust the Apache configuration to use an "unprivileged" port (greater than 1024 by default), then `--user` should work as it does for FPM regardless of kernel version.
- Otherwise, setting `APACHE_RUN_USER` and/or `APACHE_RUN_GROUP` should have the desired effect (for example, `-e APACHE_RUN_USER=daemon` or `-e APACHE_RUN_USER=#1000` -- see [the Apache `User` directive documentation for details on the expected syntax](https://httpd.apache.org/docs/2.4/mod/mod_unixd.html#user)).
## "`E: Package 'php-XXX' has no installation candidate`"
As of [docker-library/php#542](https://github.com/docker-library/php/pull/542), this image blocks the installation of Debian's PHP packages. There is some additional discussion of this change in [docker-library/php#551 (comment)](https://github.com/docker-library/php/issues/551#issuecomment-354849074), but the gist is that installing Debian's PHP packages in this image leads to two conflicting installations of PHP in a single image, which is almost certainly not the intended outcome.

4
wordpress/content.md
View File

@ -62,3 +62,7 @@ The following Docker Hub features can help with the task of keeping your depende
- [Automated Builds](https://docs.docker.com/docker-hub/builds/) let Docker Hub automatically build your Dockerfile each time you push changes to it.
- [Repository Links](https://docs.docker.com/docker-hub/builds/#repository-links) can ensure that your image is also rebuilt any time `%%REPO%%` is updated.
## Running as an arbitrary user
See [the "Running as an arbitrary user" section of the `php` image documentation](https://hub.docker.com/_/php/).