Non-privileged containers FTW

Posted on September 5, 2017  •  1 minutes  • 44 words

FROM ubuntu:latest
RUN useradd -u 10001 scratchuser

FROM scratch
COPY dosomething /dosomething
COPY --from=0 /etc/passwd /etc/passwd
USER scratchuser

ENTRYPOINT ["/dosomething"]

Quite innovative use of multi stage docker build. Of course, you can create a passwd file yourself but this one seems much rather interesting.