How do I Docker COPY as non root?

While building a Docker image, how do I COPY a file into the image so that the resulting file is owned by a user other than root?

  • Can't get docker to accept request over the internet
  • When Marathon run all docker apps on same host the docker service stop
  • Docker container port issue
  • How to install php-redis extension using the official PHP Docker image approach?
  • DOCKER_OPTS do not work in config file /etc/default/docker
  • How to copy a file from container to host using copy in docker-py
  • Docker : Unable to run Docker commands
  • docker: 'stack' is not a docker command
  • Placeholder field for the ONBUILD section for child docker images to use
  • Is it safe to run docker container in production as root?
  • Connection refused: PHPUnit selenium in Docker
  • How to run docker containers in their network with an external gateway?
  • One Solution collect form web for “How do I Docker COPY as non root?”

    Docker currently doesn’t support COPY as a user other than root. You need to chown / chmod the file after the COPY command.

    Example Dockerfile:

    from centos:6
    RUN groupadd -r slcs && adduser -r -g myuser myuser
    USER myuser
    #Install code, configure application, etc...
    USER root
    COPY run-my-app.sh /usr/local/bin/run-my-app.sh
    RUN chown myuser:myuser /usr/local/bin/run-my-app.sh && \
        chmod 744 /usr/local/bin/run-my-app.sh
    USER myuser
    ENTRYPOINT ["/usr/local/bin/run-my-app.sh"]
    

    I’ve been trying to follow the discussion through multiple GitHub issues: 6119, 9943, 13600, 27303, 28499

    At the time of this post, Issue 30110 seems to be the most current which has no resolution. Therefore, it seems it is still not possible to do this with regular docker commands.

    Also, the Dockerfile Reference for the COPY command still says that

    All new files and directories are created with a UID and GID of 0.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.