Should I create a new UID for each Docker?


PzrrL

Recommended Posts

I am fairly new to Unraid and currently exploring around Unraid, and I am planning to start a new fresh start since I think I might screw up something like Array Disk showing in UD, stopping array for long time, sudden miss of Dockers...

 

To the point of the topic, I would like to know that should I create a new user for every single Docker for any particular reason? I understand that the concept of UID and GID comes from Linux, but I am not able to find any tutorials regarding the setting of UID (and even GID) even the settings are there for some of the dockers. Most of them are default to 'nobody' 99, but I am not sure if this will raise any security issue and would like to know what is the best practice of handling these UID and GID in dockers?

 

My current setting(though I am going to start a fresh setup of Unraid) is a new user for a new docker. For example, I would create a user named "bt" for qbittorrent, "jdownloader" for jDownloader2, etc..

 

Please advise, thanks!

Link to comment
6 hours ago, itimpi said:

It is not normal to create any specific user for a docker as this is handled internally within the docker container and is set up by the container author.    Users are therefore NOT normally set up at the Unraid level to support docker containers.

Thanks for your reply. So what is the point of letting user to set UID and GID by themselves? Or why is this field ever exist?

Link to comment

So files created by the docker can have the proper ownership (user and group) set without you having to run any sort of "Fix Permissions" script with unRaid.

 

Not all systems running a docker container (Emby or Plex for instance) will have files owned by NOBODY / USERS. Not all systems will have the user mapped to UID 99 or group mapped to GID 100. Remember, dockers are not unraid specific, they can be run on other Linux systems or even Windows.

Link to comment

Yea I understand this exists in Linux as well, so unless I am doing anything so specific, I will just stick to 

22 minutes ago, BRiT said:

So files created by the docker can have the proper ownership (user and group) set without you having to run any sort of "Fix Permissions" script with unRaid.

 

Not all systems running a docker container (Emby or Plex for instance) will have files owned by NOBODY / USERS. Not all systems will have the user mapped to UID 99 or group mapped to GID 100. Remember, dockers are not unraid specific, they can be run on other Linux systems or even Windows.

Yea I understand this exists in Linux as well, so unless I am doing anything so specific, I will just stick to nobody?

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.