We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hello,
would it be possible to add users to in the container files so that ffmpeg is not run as root user in the container?
This should increase security, as another abstraction layer and is generally one of the best practices as far as container building is concerned.
For images based on distributions, it should be possible to add a user via
RUN useradd
in the final image.
And for scratch images, you could either
in the image which compiles ffmpeg and then
COPY --from=build /etc/passwd /etc/
to the final image, or a cleaner way, in my opinion, would be to write a small passwd file of your own (something like this:)
ffmpeg:x:999:999::/ffmpeg:
and then
COPY ./path/to/passwd/in/repo /etc/
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Hello,
would it be possible to add users to in the container files so that ffmpeg is not run as root user in the container?
This should increase security, as another abstraction layer
and is generally one of the best practices as far as container building is concerned.
For images based on distributions, it should be possible to add a user via
in the final image.
And for scratch images, you could either
in the image which compiles ffmpeg and then
to the final image,
or a cleaner way, in my opinion, would be to write a small passwd file of your own
(something like this:)
and then
The text was updated successfully, but these errors were encountered: