From a7cfb098d48b9b9ce19bc57fd2c219981b24b75b Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Wed, 12 Aug 2015 06:34:37 +0200 Subject: [PATCH 1/4] reference/run: Clarify the use of numeric UIDs it is possible to pass an UID that has not been created inside the container, clarify this in the docs. This should fix issue #14795 Signed-off-by: Kai Blin --- docs/reference/run.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/docs/reference/run.md b/docs/reference/run.md index 837eb0baea..aca728d250 100644 --- a/docs/reference/run.md +++ b/docs/reference/run.md @@ -1142,10 +1142,11 @@ volume mounted on the host). ### USER -The default user within a container is `root` (id = 0), but if the -developer created additional users, those are accessible too. The -developer can set a default user to run the first process with the -Dockerfile `USER` instruction, but the operator can override it: +The default user within a container is `root` (id = 0), but if the developer +created additional users, those are accessible by name. When passing a numeric +ID, the user doesn't have to exist in the container. The developer can set a +default user to run the first process with the Dockerfile `USER` instruction, +but the operator can override it: -u="": Username or UID From 4d89910820e4c0fb62e1e496e5df837b77514f27 Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Thu, 13 Aug 2015 06:34:57 +0200 Subject: [PATCH 2/4] reference/run: Add a paragraph break Signed-off-by: Kai Blin --- docs/reference/run.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/docs/reference/run.md b/docs/reference/run.md index aca728d250..5fdb55f1eb 100644 --- a/docs/reference/run.md +++ b/docs/reference/run.md @@ -1144,9 +1144,10 @@ volume mounted on the host). The default user within a container is `root` (id = 0), but if the developer created additional users, those are accessible by name. When passing a numeric -ID, the user doesn't have to exist in the container. The developer can set a -default user to run the first process with the Dockerfile `USER` instruction, -but the operator can override it: +ID, the user doesn't have to exist in the container. + +The developer can set a default user to run the first process with the +Dockerfile `USER` instruction, but the operator can override it: -u="": Username or UID From 8a61e2b151c9b8ed985c9d508fb4f31c84c155f7 Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Thu, 13 Aug 2015 06:35:48 +0200 Subject: [PATCH 3/4] reference/run: Add some articles Signed-off-by: Kai Blin --- docs/reference/run.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/reference/run.md b/docs/reference/run.md index 5fdb55f1eb..c9c7aae0fe 100644 --- a/docs/reference/run.md +++ b/docs/reference/run.md @@ -1151,7 +1151,7 @@ Dockerfile `USER` instruction, but the operator can override it: -u="": Username or UID -> **Note:** if you pass numeric uid, it must be in range 0-2147483647. +> **Note:** if you pass a numeric uid, it must be in the range 0-2147483647. ### WORKDIR From ba29d31c9cb205863d8d63542ef969e7c6fafcfe Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Tue, 18 Aug 2015 08:56:56 +0200 Subject: [PATCH 4/4] reference/run: Some editorial changes Based on the suggestions from @moxiegirl, some changes to make the wording more clear. Signed-off-by: Kai Blin --- docs/reference/run.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/docs/reference/run.md b/docs/reference/run.md index c9c7aae0fe..643c1a104c 100644 --- a/docs/reference/run.md +++ b/docs/reference/run.md @@ -1142,16 +1142,17 @@ volume mounted on the host). ### USER -The default user within a container is `root` (id = 0), but if the developer -created additional users, those are accessible by name. When passing a numeric -ID, the user doesn't have to exist in the container. +`root` (id = 0) is the default user within a container. The image developer can +create additional users. Those users are accessible by name. When passing a numeric +ID, the user does not have to exist in the container. The developer can set a default user to run the first process with the -Dockerfile `USER` instruction, but the operator can override it: +Dockerfile `USER` instruction. When starting a container, the operator can override +the `USER` instruction by passing the `-u` option. -u="": Username or UID -> **Note:** if you pass a numeric uid, it must be in the range 0-2147483647. +> **Note:** if you pass a numeric uid, it must be in the range of 0-2147483647. ### WORKDIR