-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to run docker image without ending up as root #2548
Comments
@lucasgcbkhomp |
If the mosquitto broker is started as root it will read it's config file and by default do a priviledges drop by using a setuid call to switch to the mosquitto user. Or to the user specified in the mosquitto.conf file. This behavior is independent on running inside a docker container or running outside a container. |
In addition to the other points raised, the |
Hello,
I've been trying to run the
eclipse-mosquitto:2
image and I've noticed it runs as root by default.I've also noticed in the dockerfile a
mosquitto
user is created under group 1883. What is it being used for?By swapping to the
mosquitto
user in a Dockerfile (USER mosquitto
), I cannot use volumes properly because it is not part of the1000
group for Linux users (for instance, when updating adynamic-security.json
record in a volume). Is this intended? Other images I know of group the user to 1000 to avoid this sort of problem.What is the intended way to run as user? Are volumes meant to be disencouraged with this image?
Thanks.
The text was updated successfully, but these errors were encountered: