Open In App

Docker – USER Instruction

Improve
Improve
Like Article
Like
Save
Share
Report

By default, a Docker Container runs as a Root user. This poses a great security threat if you deploy your applications on a large scale inside Docker Containers. You can change or switch to a different user inside a Docker Container using the USER Instruction. For this, you first need to create a user and a group inside the Container.

In this article, we are going to use the USER instruction to switch the user inside the Container from Root to the one which we will create. To do so follow the below steps:

Step 1: Create the Dockerfile

You can specify the instructions to create a new user and group and to switch the user both in the Dockerfile. For this example, we will simply create an Ubuntu Image and use the bash with a different user other than the Root user.

FROM ubuntu:latest
RUN apt-get -y update
RUN groupadd -r user && useradd -r -g user user
USER user

In the above dockerfile, we have pulled the base Image Ubuntu and updated it. We have created a new group called user and a new user inside the group with the same name. Using the USER option, we have then switched the user.

Step 2: Build the Docker Image

After creating the Dockerfile, we can now create the Docker Image using the Build command.

sudo docker build -t user-demo .

building the Docker image

Step 3: Run the Docker Container

Use the Docker Run command to run the Container.

sudo docker run -it user-demo bash

running the container

Step 4: Verify the output

You can now check that the default user and the group have now changed to the one we created in the Dockerfile using the id command.

id

Verify the output

To conclude, in this article we discussed how to use the USER instruction inside the Dockerfile to switch the Docker Container’s default user from Root to another user that we can create using the useradd and groupadd commands.


Last Updated : 09 Nov, 2022
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads