Allow container root user to start nginx process and its workers when used in rootless podman
Closed this issue · 1 comments
Is your feature request related to a problem? Please describe
I need nginx to be able to access a read-only host volume when started as a rootless container with podman.
Describe the solution you'd like
In order to allow nginx access, the worker user (in our case UID 101) must be mapped to the host UID of the current user (in my case 1000) to have access to exactly the same filesystem as the creator of the container has (with the limitation of the particular --volume directory).
Describe alternatives you've considered
I am using a modified official nginx with the user directive removed, so as a result nginx is started as root, as well as the worker processes, which translates to host non-root user 1000, and it works.
Since the unprivileged user image already runs on "single user", it would be nice if one could actually specify the UID of the user to be used - container root 0 in my case.
Hey @Antoniossss! You can already specify the UID of the user by using the UID/GID build args https://github.com/nginxinc/docker-nginx-unprivileged/blob/main/mainline/alpine/Dockerfile#L11-L12. You will have to rebuild the image on your end though.
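The UID translation described in the issue, as an added example that is not part of the original thread or the project's code: it models the default rootless user-namespace mapping and shows why container UID 0 reaches files owned by host UID 1000 while container UID 101 does not. The subordinate range 100000:65536, the file mode and all function names are assumptions made for illustration; UIDs 1000 and 101 come from the issue.

```python
from typing import List, Optional, Tuple

# Each entry is (container_start, host_start, length), the same layout as
# the lines of /proc/<pid>/uid_map inside a user namespace.
UidMap = List[Tuple[int, int, int]]


def default_rootless_map(host_uid: int, subuid_start: int, subuid_count: int) -> UidMap:
    """Default rootless mapping: container UID 0 is the invoking user,
    container UIDs 1..N are taken from the user's /etc/subuid range."""
    return [(0, host_uid, 1), (1, subuid_start, subuid_count)]


def to_host_uid(uid_map: UidMap, container_uid: int) -> Optional[int]:
    """Translate a container UID to the host UID the kernel checks against."""
    for c_start, h_start, length in uid_map:
        if c_start <= container_uid < c_start + length:
            return h_start + (container_uid - c_start)
    return None  # UID has no mapping in this namespace


def can_read(host_uid: int, owner_uid: int, mode: int) -> bool:
    """Simplified owner/other read check (group bits and ACLs ignored)."""
    if host_uid == owner_uid:
        return bool(mode & 0o400)
    return bool(mode & 0o004)


def explain(container_uid: int, uid_map: UidMap, owner_uid: int, mode: int) -> str:
    host_uid = to_host_uid(uid_map, container_uid)
    if host_uid is None:
        return f"container UID {container_uid}: unmapped"
    verdict = "readable" if can_read(host_uid, owner_uid, mode) else "denied"
    return f"container UID {container_uid} -> host UID {host_uid}: {verdict}"


if __name__ == "__main__":
    # Constructed sample: host user 1000 with subuid entry 100000:65536,
    # bind-mounted directory owned by UID 1000 with mode 0700.
    uid_map = default_rootless_map(1000, 100000, 65536)
    for uid in (0, 101):  # container root vs. the nginx worker user
        print(explain(uid, uid_map, owner_uid=1000, mode=0o700))
```
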