Connect to docker container as user other than root

Question

BY default when you run

docker run -it [myimage]

OR

docker attach [mycontainer]

you connect to the terminal as r

Answer 1

For docker run:

Simply add the option --user <user> to change to another user when you start the docker container.

docker run -it --user nobody busybox

For docker attach or docker exec:

Since the command is used to attach/execute into the existing process, therefore it uses the current user there directly.

docker run -it busybox  # CTRL-P/Q to quit
docker attach <container id>  # then you have root user
/ # id
uid=0(root) gid=0(root) groups=10(wheel)

docker run -it --user nobody busybox # CTRL-P/Q to quit
docker attach <container id>  
/ $ id
uid=99(nobody) gid=99(nogroup)

If you really want to attach to the user you want to have, then

1. start with that user run --user <user> or mention it in your Dockerfile using USER
2. change the user using `su

Answer 2

For docker-compose. In the docker-compose.yml:

version: '3'
services:
    app:
        image: ...
        user: ${UID:-0}
...

In .env:

UID=1000

Answer 3

As an updated answer from 2020. --user , -u option is Username or UID (format: <name|uid>[:<group|gid>]).

Then, it works for me like this,

docker exec -it -u root:root container /bin/bash

Reference: https://docs.docker.com/engine/reference/commandline/exec/