running comands as non-root user while using docker-maven plugin

0 votes

I'm building a docker image using docker-maven plugin. The maven command is to be executed using jenkins. The jenkins.war is deployed on tomcat instead of a separate application, running in a non-root instance. Docker needs root access therefore maven commands will be run in root and because of that jenkins and tomcat will also run in root which is bad practice. I guess I can either run docker as a non-root user(I don't know how to do that) or run jenkins as root(unable do that ever since I switched env variable/config).

any solution is appreciated, thank you

Apr 30, 2018 in DevOps Tools by Atul
• 10,240 points
3,016 views

1 answer to this question.

0 votes

Docker needs root access therefore maven commands will be run in root

not necessarily, you can run docker with -u (--user) parameter to run it as a non-root user inside a container

I guess I can either run docker as a non-root user

If you add the user(on host) to the docker group, you can use the docker service with the said user

As you said so yourself it not secure, look through the following

Especially, have a look at these points

  • If there’s a known uid that the process inside the container is executing as, it could be as simple as restricting access to the host system so that the uid from the container has limited access.
  • The better solution is to start containers with a known uid using the--user (you can use a username also, but remember that it’s just a friendlier way of providing a uid from the host’s username system), and then limiting access to the uid on the host that you’ve decided the container will run as.
  • Because of how uids and usernames (and gids and group names) map from a container to the host, specifying the user that a containerized process runs as can make the process appear to be owned by different users inside vs outside the container.
answered Apr 30, 2018 by ajs3033
• 7,300 points

Related Questions In DevOps Tools

0 votes
0 answers

How to create maven build on bamboo ? Unable to create build by using profile as in pom.xml

As given in the above question that ...READ MORE

Oct 28 in DevOps Tools by Anila
• 4,940 points
46 views
0 votes
1 answer

Maven deploy “Release Note” as artifact

Using both @SpaceTrucker and @khmarbaise, came up with the following ...READ MORE

answered Jun 19, 2018 in DevOps Tools by Atul
• 10,240 points
1,354 views
0 votes
1 answer

Maven deploy Release Note as artifact

The following solution will do the trick: <profiles> ...READ MORE

answered Jun 22, 2018 in DevOps Tools by Atul
• 10,240 points
744 views
0 votes
1 answer

How do I deploy to multiple servers using the same context root?

  If you're deploying to multiple servers ...READ MORE

answered Jul 2, 2018 in DevOps Tools by Kalgi
• 52,350 points
801 views
+2 votes
1 answer
+2 votes
1 answer

Deploy Docker Containers from Docker Cloud

To solve this problem, I followed advice ...READ MORE

answered Sep 3, 2018 in AWS by Priyaj
• 58,020 points
2,735 views
+4 votes
2 answers

Jenkins not showing Maven Release Plugin

Make your project type Maven Project. This ...READ MORE

answered Oct 11, 2018 in DevOps Tools by Hannah
• 18,520 points
5,106 views
0 votes
1 answer
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP