Be default, the root user is logged in when a container starts. Being the root in the container means you get to do anything you want to the container’s file system. There are reasons why you may not want this to happen, both from a security, and application point of view.
To be a non-root user within the container, you can use the --user flag when executing the run command.
To log in as the current user on the container, you can use --user=$(id -u):$(id -g). However, if the user does not exist in the container, the username will be “I have no name!”
To add a user to the container as part of the initialization, you can:
- Pass in a useradd command via a entrypoint file, or
- Create the user and commit it as part of the image (non-portable)