It's generally bad practice for Docker images to run as root. However, the official Bitbucket and Confluence Server images run as root.
Unfortunately, if you're using an enterprise container management platform (we're using OpenShift), containers that run as root aren't even allowed to start. This is for securtiy purposes. Most people aren't willing to turn off security features in a production environment in order to run a docker image.
Is there any plans to fix this in the near future?
The image is set to run on a high port, so there shouldn't be much issue in running this as a non-root (or daemon) user, right?
recent changes made the situation even worse. This part in the entrypoint.py file:
def gen_cfg(tmpl, target, env, user='root', group='root', mode=0o644, overwrite=True):
makes it definitely impossible to run the image as a non-root user.
@Michael Rose any chances that this is getting reworked in the near future?
Thanks everyone for answering last week’s question. The winner of the random drawing from those who commented is: @LarryBrock I’ll contact you separately with your prize details. This wee...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events