Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Docker container output files owned by root instead of non-privileged user

See original GitHub issue

Problem Description

Using the Docker container to create the reports results in the output being owned by root rather than the user running the container (or at least some other non-root user).

Steps to Reproduce

From the directory with your Cucumber .json result file, run:

docker run \
  --rm \
  --volume "$PWD:/output" \
  rmpestano/cukedoctor \
    -f html \
    -o /output/documentation \
    -t "My Project" \
    -toc left
ls -lR

Expected Output

.:
total 768
-rw-rw-r--. 1 cvoltz cvoltz 343084 May 10 17:12 acceptance-tests.json
-rw-r--r--. 1 cvoltz cvoltz 119998 May 10 17:30 documentation.adoc
-rw-rw-rw-. 1 cvoltz cvoltz 297731 May 10 17:30 documentation.html
drwxr-xr-x. 2 cvoltz cvoltz   4096 May 10 17:30 themes

./themes:
total 372
-rw-r--r--. 1 cvoltz cvoltz 29610 May 10 17:30 asciidoctor.css
-rw-r--r--. 1 cvoltz cvoltz 36715 May 10 17:30 colony.css
-rw-r--r--. 1 cvoltz cvoltz 36217 May 10 17:30 foundation.css
-rw-r--r--. 1 cvoltz cvoltz 37988 May 10 17:30 github.css
-rw-r--r--. 1 cvoltz cvoltz 38305 May 10 17:30 iconic.css
-rw-r--r--. 1 cvoltz cvoltz 36287 May 10 17:30 maker.css
-rw-r--r--. 1 cvoltz cvoltz 37391 May 10 17:30 readthedocs.css
-rw-r--r--. 1 cvoltz cvoltz 36970 May 10 17:30 rocket-panda.css
-rw-r--r--. 1 cvoltz cvoltz 35460 May 10 17:30 rubygems.css

Given $USER was cvoltz.

Actual Output

.:
total 760
-rw-rw-r--. 1 cvoltz cvoltz 343084 May 10 17:12 acceptance-tests.json
-rw-r--r--. 1 root   root   119998 May 10 17:30 documentation.adoc
-rw-rw-rw-. 1 root   root   297731 May 10 17:30 documentation.html
drwxr-xr-x. 2 root   root     4096 May 10 17:30 themes

./themes:
total 336
-rw-r--r--. 1 root root 29610 May 10 17:30 asciidoctor.css
-rw-r--r--. 1 root root 36715 May 10 17:30 colony.css
-rw-r--r--. 1 root root 36217 May 10 17:30 foundation.css
-rw-r--r--. 1 root root 37988 May 10 17:30 github.css
-rw-r--r--. 1 root root 38305 May 10 17:30 iconic.css
-rw-r--r--. 1 root root 36287 May 10 17:30 maker.css
-rw-r--r--. 1 root root 37391 May 10 17:30 readthedocs.css
-rw-r--r--. 1 root root 36970 May 10 17:30 rocket-panda.css
-rw-r--r--. 1 root root 35460 May 10 17:30 rubygems.css

Issue Analytics

State:
Created 4 years ago
Comments:6 (2 by maintainers)

Top GitHub Comments

1reaction

ralphavaloncommented, Aug 23, 2019

Thanks for the feedback. I’ll look this =)

0reactions

cvoltzcommented, Sep 30, 2019

Good to see it isn’t just me. 😃

Top Results From Across the Web

Run the Docker daemon as a non-root user (Rootless mode)

Rootless mode allows running the Docker daemon and containers as a non-root user to mitigate potential vulnerabilities in the daemon and the container...

Files created by Docker container are owned by root

The files are created by the user that runs within the container. Iif your containerized command runs as root , then all files...

Processes In Containers Should Not Run As Root - Medium

Processes in a container should not run as root, or assume that they are root. Instead, create a user in your Dockerfile with...

Understanding user file ownership in docker: how to avoid ...

So I now own all the files. The container can still modify things if it wants to, because from its perspective, it's root...

File Permissions: the painful side of Docker - Coding Thoughts

Yes, now we don't mind running the container as root but remember that many services are running under their own user, which is...