Convox Community

Can I set a different user for the Docker container?

I would like to start some Docker containers as a different Linux user. I can do this by specifying a fixed USER step in the Dockerfile, but sometimes I need to run a command as a user with more permissions. Another approach is to wrap my commands with su -c "<command>" <user>, but then it’s difficult to pass all of the env vars to this new shell. su - or su -p doesn’t seem to work properly with rbash (it doesn’t apply any restrictions.)

So it would be great if the convox.yml service supported a user key, so that I can specify the Linux user for this container. (I tried this but it didn’t seem to have any effect.)

Can this be done with labels?

1 Like

What you’re looking for is probably gosu

1 Like

Thanks @crohr, gosu looks great! That looks like a much better way to drop root permissions and change the user.