如何以非root身份运行nginx容器?

ee7vknir  于 2023-04-20  发布在  Nginx
关注(0)|答案(3)|浏览(260)

每次我尝试以非root身份运行容器时,都会收到以下错误:

the "user" directive makes sense only if the master process runs with super-user privileges, ignored in /etc/nginx/nginx.conf:2

Dockerfile:

FROM nginx:1.17.6
RUN chown -R nginx:nginx /var/cache/nginx && \
        chown -R nginx:nginx /var/log/nginx && \
        chown -R nginx:nginx /etc/nginx/conf.d
RUN chmod -R 777 /etc/nginx/conf.d

USER nginx

COPY app/build /usr/share/nginx/html

RUN rm /etc/nginx/conf.d/default.conf

COPY nginx/nginx.conf /etc/nginx/conf.d

CMD ["nginx","-g","daemon off;"]
hmae6n7t

hmae6n7t2#

您可以删除(或注解)nginx.conf文件顶部的user指令。
当你以root运行nginx时,这个指令是相关的。它定义了拥有nginx子进程的pid的用户。
当你不以root的身份运行nginx时,这个指令是无关紧要的,你的nginx子进程是以你当前的用户运行的。

yacmzcpb

yacmzcpb3#

尝试添加此

RUN mkdir -p /var/cache/nginx && chown -R ${USER}:${GROUP} /var/cache/nginx && \
    mkdir -p /var/log/nginx  && chown -R ${USER}:${GROUP} /var/log/nginx && \
    mkdir -p /var/lib/nginx  && chown -R ${USER}:${GROUP} /var/lib/nginx && \
    touch /run/nginx.pid && chown -R ${USER}:${GROUP} /run/nginx.pid && \
    mkdir -p /etc/nginx/templates /etc/nginx/ssl/certs && \
    chown -R ${USER}:${GROUP} /etc/nginx && \
    chmod -R 777 /etc/nginx/conf.d

# disable nginx user cuz running as non-root
RUN sed -i 's/user nginx;/#user nginx;/g' /etc/nginx/nginx.conf

USER ${USER}

EXPOSE 80 443

CMD ["nginx", "-g", "daemon off;"]

相关问题