nodejs
/
docker-node
mirror of https://github.com/nodejs/docker-node.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #407 from nodejs/fix-user-docs 

Update "Non-root User" docs
This commit is contained in:
Christopher Horrell 2017-05-18 11:09:28 -04:00 committed by GitHub
parent 955f24f184 bc7cd93b73
commit c0c75d6654
1 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/BestPractices.md
View File

@ -29,18 +29,17 @@ You can also include tini [directly in your Dockerfile](https://github.com/krall
## Non-root User
By default, Docker runs container as root which inside of the container can pose as a security issue. You would want to run the container as an unprivileged user wherever possible. The node images (with the exception of the `onbuild` variant) provide the `node` user for such purpose. The Docker Image can than be run with the `node` user in the following way:
By default, Docker runs container as root which inside of the container can pose as a security issue. You would want to run the container as an unprivileged user wherever possible. The node images provide the `node` user for such purpose. The Docker Image can than be run with the `node` user in the following way:
```
-u "node"
```
When using the `onbuild` variant, add the user like so:
Alternatively, the user can be activated in the `Dockerfile`:
```Dockerfile
FROM node:4.1.2-onbuild
# Add our user and group first to make sure their IDs get assigned consistently
RUN groupadd -r node && useradd -r -g node node
# Set the user to use when running this image
FROM node:6.10.3
...
# At the end, set the user to use when running this image
USER node
```