Running a node app as a non root user in docker

For a couple of days I’ve been trying to run a node app as a non root user inside a Docker container using docker-compose. No matter what I try, I get the same EACCES: permission denied errors, more specifically it seems to be an issue with the start scripts:

Error: EACCES: permission denied, open '/home/dev/learn-node/public/dist/App.bundle.js'
    npm info
        lifecycle dang-thats-delicious@0.0.0~assets: Failed to exec assets script

I don’t see any of these issues when I simply comment out the USER dev line in the Dockerfile and remain as root. I have tried many different variations of commands in my Dockerfile but switching to the dev user seems to cause the issue.

  • how to list Docker images with Vagrant and Kubernetes
  • Docker client certificate issue
  • Docker deployment update shared volume
  • Port Publishing When Running with Docker Compose
  • How use can I use “babel-watch debug” for debugging with chrome?
  • Can SSH in but not out of docker container: network unreachable
  • This is what the scripts section of my package.json looks like

    "scripts": {
        "prod": "node ./start.js",
        "watch": "nodemon ./start.js --ignore public/",
        "start": "concurrently \"npm run watch\" \"npm run assets\" --names \"💻,📦\" --prefix name",
        "assets": "webpack -w --display-max-modules 0",
        "sample": "node ./data/load-sample-data.js",
        "blowitallaway": "node ./data/load-sample-data.js --delete",
        "now": "now -e DB_USER=@db_user -e DB_PASS=@db_pass -e NODE_ENV=\"production\" -e PORT=80"

    I think the overarching issue that I haven’t understood some fundamental principles regarding permissions. I want to be non root in the interest of security. Please advise.


    FROM node
    RUN apt-get update && apt-get -y install curl \
        apt-utils \
        locales \
        nano \
        python && \
        useradd --user-group --create-home --shell /bin/false dev && \
        sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
    # Set the locale
    # RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
        # locale-gen
    ENV LANG en_US.UTF-8  
    ENV LANGUAGE en_US:en  
    ENV LC_ALL en_US.UTF-8 
    ENV HOME=/home/dev
    WORKDIR $HOME/learn-node
    COPY package.json $HOME/learn-node/
    RUN chown -R dev:dev $HOME//*
    # npm has read write issues when switching to dev user
    RUN npm install
    RUN chown -R dev:dev /home/dev/.config
    USER dev
    CMD ["npm", "start"]

  • Why do ping packets not reach a custom gateway in docker?
  • Unable to connect to MongoDB and MySQL by Spring App using Docker
  • Docker compose volume mapping with NodeJS app
  • How can I test that a docker wordpress-fpm with custom plugins works
  • Get audio from asterisk in docker on Mac?
  • docker local host url not opening
  • Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.