drupal-php icon indicating copy to clipboard operation
drupal-php copied to clipboard
verified publisher icon wodby

Make it possible to run container as nonRootUser

Open sleccese opened this issue 4 years ago • 0 comments

Hi, I have the constrains to run images with nonRootUser. I tried to set the securityContext in my Deployment.yaml as following:

kind: Deployment
....
spec:
  template:
    spec:
      securityContext:
        nonRootUser: true
        fsGroup: 1000
        runAsUser: 1000

However, as I started the image I found out that in the default entrypoint and default CMD there is sudo required which will not work with nonRootUser. I am not to fimilar with PHP and PHP-FPM so I do not know if it is possible to remove this sudo parts.

Following lines in the php base image are in my opinion the problem: 399 ENTRYPOINT ["/docker-entrypoint.sh"] 400 CMD ["sudo", "-E", "LD_PRELOAD=/usr/lib/preloadable_libiconv.so", "php-fpm"]

sleccese avatar Oct 18 '21 12:10 sleccese