I’m having a problem while using an amazoncorretto-alpine image on which I run a Spring boot application.
To startup the container I use a specific bash script which (along with other stuff) attempt to run the executable jar for the Spring boot application.
My need is to run the executable jar with a different user , so while the bash script runs with root the "java -jar springBoot.jar" must be executed as "spring" user.
In the docker file a user and a group has been created and given permissions for the springBoot.jar like this:
...
RUN addgroup -S spring && adduser -S -D spring -G spring
RUN chown spring:spring springBoot.jar
...
CMD ["myBash.sh"]
The user and group are present, the permissions on the file are configured correctly and the container starts by executing myBash.sh.
In the bash, that runs with "root" privileges, I’m using this command line to execute the jar with another user:
su - spring -c "java -jar springBoot.jar"
I did some other test by putting the -c "command" before the user but the error is always the same:
"The Account is not available"
This message is printed in the Docker console when starting the container.
Alpine version in the image:
"Alpine Linux v3.15"
Note: if I remove the instruction "su – spring…." above and just run the java -jar springBoot.jar in the bash script all works fine but the application is started with root (as expected).
Anyone have any idea what could be the problem?
2
Answers
You can specify on your Dockerfile a USER.
You will find all the documentation in this link above.
https://docs.docker.com/engine/reference/builder/#user
But for your use case i think, you just need to specify in your Dockerfile something like this:
instead of create the user directly in docker file try to create it inside the script like this
then switch the user