Nexus RM3 docker run as nobody

atharva.inamdar · October 7, 2022, 4:35pm

Currently the nexus3 RM docker image ( sonatype/nexus:3.41.1 ) is configured to run as nexus user and specifies /nexus-data as volume.

I have a need to run the service as nobody user. Through inheriting the OSS image and updating the directory ownership I should be able to run as nobody user. However since /nexus-data is specified as volume, docker does NOT allow changing directory ownership. This causes nexus process not be able to access the data dir as nobody user.

How can I aciehve this using OSS image?

jeff.wise · October 11, 2022, 4:27pm

I know this is not the solution you are looking for, but have you considered forking the sonatype/nexus3 Dockerfile and changing USER nexus to USER nobody?

atharva.inamdar · October 12, 2022, 9:04am

Jeff,

Yes. That’s what I essentially do right now. I’ve copied the Dockerfile and made 2 changes:

USER nobody
remove Volume

If we can get VOLUME removed from OSS image, all users can derive new images from it or if running in K8s/Docker set user from command line instead.

I’m happy to submit a PR if acceptable.

Regards,
Atharva

jeff.wise · October 12, 2022, 2:35pm

You may want to submit an idea on the Sonatype ideas portal for making the image work in the way you expect.