My problem was that these are command line tools, so it is slightly trickier to execute them via docker and then get the results back into the host OS.
I created a docker image housing a full featured install of ImageMagick and Ffmpeg with a desire that I could do transformations on images/videos within my host OS. I was needing to change the user for a slightly different reason. Specifically there was issues with the interpretation/escaping of " and ' characters by the shell. Doing native bash scripts I had problems when trying to pass through a variety of arguments to my containers. I would try to use Python or another language as a wrapper for your script executions. A word of advice for anyone who is potentially interested in doing something like this. I have noticed this post getting a bit of attention. And thanks to a postinstall hook, npm runs bower install & grunt assets which takes care of the remaining install steps and avoids any need to npm install -g any node cli tools like bower, grunt or coffeescript. Once the initial files are chowned, npm install is run as the non-root user. My updated dockerfile works great thanks to clarification of how volumes work. rw-r-r- 1 root root 2.0K Jun 18 16:04 package.json rw-r-r- 1 root root 416 Jun 3 14:22 bower.json rw-r-r- 1 root root 862 Jun 18 16:23 Gruntfile.js rw-r-r- 1 root root 383 Jun 18 20:32 Dockerfile Pretty straightforward, but when I ls -l everything is still owned by root: :/data ]$ ls -l /data # This next line doesn't seem to have any effect: Here's my Dockerfile: # Node.js app Docker file I'm guessing this is because some LXC permission is not being granted to the root user maybe?
I tried to update my Dockerfile to create an app user however changing permissions on app files (while still root) doesn't seem to work. After yesterday's news of Shocker, it seems like apps inside a Docker container should not be run as root.