我如何 Docker COPY 作为非 root 用户? [英] How do I Docker COPY as non root?
问题描述
在构建 Docker 映像时,如何将文件COPY
到映像中,以使生成的文件归 root 以外的用户所有?
While building a Docker image, how do I COPY
a file into the image so that the resulting file is owned by a user other than root?
推荐答案
适用于 v17.09.0-ce 及更新版本
在 ADD
或 COPY
命令中使用可选标志 --chown=<user>:<group>
.
Use the optional flag --chown=<user>:<group>
with either the ADD
or COPY
commands.
例如
COPY --chown=<user>:<group> <hostPath> <containerPath>
--chown 标志的文档现已在 Dockerfile 参考页面上发布.
The documentation for the --chown flag is now live on the main Dockerfile Reference page.
问题 34263 已合并,可在 发布 v17.09.0-ce.
Issue 34263 has been merged and is available in release v17.09.0-ce.
适用于 v17.09.0-ce 之前的版本
Docker 不支持 COPY
作为 root 以外的用户.您需要chown
/chmod
文件在 COPY
命令之后.
Docker doesn't support COPY
as a user other than root. You need to chown
/ chmod
the file after the COPY
command.
示例 Dockerfile:
Example Dockerfile:
from centos:6
RUN groupadd -r myuser && adduser -r -g myuser myuser
USER myuser
#Install code, configure application, etc...
USER root
COPY run-my-app.sh /usr/local/bin/run-my-app.sh
RUN chown myuser:myuser /usr/local/bin/run-my-app.sh &&
chmod 744 /usr/local/bin/run-my-app.sh
USER myuser
ENTRYPOINT ["/usr/local/bin/run-my-app.sh"]
在 v17.09.0-ce 之前,COPY
命令的 Dockerfile 参考说:
Previous to v17.09.0-ce, the Dockerfile Reference for the COPY
command said:
所有新文件和目录均使用 0 的 UID 和 GID 创建.
All new files and directories are created with a UID and GID of 0.
<小时>
历史此功能已通过多个 GitHub 问题进行跟踪:6119、9943, 13600, 27303, 28499, 问题 30110.
History This feature has been tracked through multiple GitHub issues: 6119, 9943, 13600, 27303, 28499, Issue 30110.
Issue 34263 是实现可选标志功能和 Issue 467 更新了文档.
Issue 34263 is the issue that implemented the optional flag functionality and Issue 467 updated the documentation.
这篇关于我如何 Docker COPY 作为非 root 用户?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!