43
[root@mymachine redisc]# docker run -p 6379:6379 --user myuser redisc
docker: Error response from daemon: linux spec user: unable to find user myuser: no matching entries in passwd file.

but i can become myuser on the host

[root@mymachine redisc]# sudo su myuser
[myuser@mymachine redisc]#

How would i be able to run as myuser in the container?

ealeon
  • 12,074
  • 24
  • 92
  • 173
  • Possible duplicate of [Docker: unable to find user root: no matching entries in passwd file](https://stackoverflow.com/questions/41676835/docker-unable-to-find-user-root-no-matching-entries-in-passwd-file) – sorin Dec 11 '18 at 14:51
  • Duplicate caused by long standing docker bug. See https://stackoverflow.com/a/53726544/99834 – sorin Dec 11 '18 at 14:51

5 Answers5

32

According to the documentation you can use the ID of the user / group:

When passing a numeric ID, the user does not have to exist in the container.

Source: https://docs.docker.com/engine/reference/run/#user

The command could look like this:

docker run -p 6379:6379 --user 1001 redisc
Mathias
  • 1,819
  • 4
  • 22
  • 34
  • 3
    Great answer. This should have more upvotes. Works perfectly on docker `v 19.03.14`. So, as it turns out, we can pass a userId (UID) that exists on the hosts (but not necessarily present on the container) to the `--user` option of `docker run`. – Binita Bharati Feb 07 '22 at 05:27
  • what if we are doing this on windows machine? – rasilvap Mar 01 '23 at 23:42
16

The host and the container are completely separate. You need to create myuser inside the redisc container before you try and run stuff as that user.

Adam Taylor
  • 7,534
  • 8
  • 44
  • 54
  • 2
    i added "RUN useradd -ms /bin/bash myuser" in the Dockerfile and I still get the same error – ealeon Jan 29 '18 at 18:10
  • 1
    oh I had the line "USER myuser" before RUN. I commented out "USER myuser" and it seems to be working – ealeon Jan 29 '18 at 18:14
  • 1
    It's not necessary to create a user on the container. As it turns out, we can pass a userId (UID) that exists on the hosts (but not necessarily present on the container) to the `--user` option of `docker run`. Tested on docker `v 19.03.14` – Binita Bharati Feb 07 '22 at 05:29
4

You can mount read-only the host user info

# user user and group IDs:
usr="--user $(id -u myuser):$(id -g myuser)"
mountdirs="-v /etc/passwd:/etc/passwd:ro -v /etc/shadow:/etc/shadow:ro -v /etc/group:/etc/group:ro"

options="-p 6379:6379"
# I use 
# options="-ti --rm --entrypoint=/bin/bash"

image=redisc

docker run ${options} ${usr} ${mountdirs} -w /home/myuser "${image}"
SaschaH
  • 351
  • 3
  • 10
Walter A
  • 19,067
  • 2
  • 23
  • 43
1

I mistakenly thought a permission denied error was about access to my filesystem. I built a container that has a bash script as the entrypoint, but didn't give myself execution permission before building the image.

chmod +x entrypoint.sh and rebuilding the image solved my issue.

Jared Beach
  • 2,635
  • 34
  • 38
0

[root@host ~]# docker run --user=toto -ti fedora:26 uname

/usr/bin/docker-current: Error response from daemon: linux spec user: unable to find user toto: no matching entries in passwd file.

[root@host ~]# docker run --user=id -u toto -ti fedora:26 uname

Linux

Mounirsky
  • 117
  • 7