Currently the nexus3 RM docker image ( sonatype/nexus:3.41.1 ) is configured to run as
nexus user and specifies
/nexus-data as volume.
I have a need to run the service as
nobody user. Through inheriting the OSS image and updating the directory ownership I should be able to run as
nobody user. However since
/nexus-data is specified as volume, docker does NOT allow changing directory ownership. This causes nexus process not be able to access the data dir as nobody user.
How can I aciehve this using OSS image?
I know this is not the solution you are looking for, but have you considered forking the sonatype/nexus3 Dockerfile and changing USER nexus to USER nobody?
Yes. That’s what I essentially do right now. I’ve copied the Dockerfile and made 2 changes:
- USER nobody
- remove Volume
If we can get VOLUME removed from OSS image, all users can derive new images from it or if running in K8s/Docker set user from command line instead.
I’m happy to submit a PR if acceptable.
You may want to submit an idea on the Sonatype ideas portal for making the image work in the way you expect.