Running a node app as a non root user in docker

For a couple of days I’ve been trying to run a node app as a non root user inside a Docker container using docker-compose. No matter what I try, I get the same EACCES: permission denied errors, more specifically it seems to be an issue with the start scripts:

Error: EACCES: permission denied, open '/home/dev/learn-node/public/dist/App.bundle.js'
    npm info
        lifecycle dang-thats-delicious@0.0.0~assets: Failed to exec assets script

I don’t see any of these issues when I simply comment out the USER dev line in the Dockerfile and remain as root. I have tried many different variations of commands in my Dockerfile but switching to the dev user seems to cause the issue.

  • docker-compose: reinitializing MySQL db every time
  • How do you setup an AWS Elastic Beanstalk Docker Platform running Django?
  • docker ubuntu /bin/sh: 1: locale-gen: not found
  • how to use digitallyseamless/nodejs-bower-grunt-runtime:compass-support in wercker?
  • Dockerizing nginx and Flask
  • Check that Docker container has enough disk space
  • This is what the scripts section of my package.json looks like

    "scripts": {
        "prod": "node ./start.js",
        "watch": "nodemon ./start.js --ignore public/",
        "start": "concurrently \"npm run watch\" \"npm run assets\" --names \"💻,📦\" --prefix name",
        "assets": "webpack -w --display-max-modules 0",
        "sample": "node ./data/load-sample-data.js",
        "blowitallaway": "node ./data/load-sample-data.js --delete",
        "now": "now -e DB_USER=@db_user -e DB_PASS=@db_pass -e NODE_ENV=\"production\" -e PORT=80"

    I think the overarching issue that I haven’t understood some fundamental principles regarding permissions. I want to be non root in the interest of security. Please advise.


    FROM node
    RUN apt-get update && apt-get -y install curl \
        apt-utils \
        locales \
        nano \
        python && \
        useradd --user-group --create-home --shell /bin/false dev && \
        sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
    # Set the locale
    # RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
        # locale-gen
    ENV LANG en_US.UTF-8  
    ENV LANGUAGE en_US:en  
    ENV LC_ALL en_US.UTF-8 
    ENV HOME=/home/dev
    WORKDIR $HOME/learn-node
    COPY package.json $HOME/learn-node/
    RUN chown -R dev:dev $HOME//*
    # npm has read write issues when switching to dev user
    RUN npm install
    RUN chown -R dev:dev /home/dev/.config
    USER dev
    CMD ["npm", "start"]

  • docker containers communication on dev machine
  • Exposing Elastic Beanstalk environment variables to Laravel's artisan using Docker
  • How do I expose Kubernetes service to the internet?
  • Using Docker for HPC with Sun Grid Engine
  • Hadoop and Cassandra benchmarking
  • Docker : How to run a service and a terminal in one command?
  • Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.