CIS NGINX container in the AWS market place
Product Name
CIS Hardened Images® (AWS)
Product Version
all
Date
Jul 31, 2020
Problem
We are using your Ubuntu NGINX container on the AWS market place and noticed that when running as a non-root user (--user 1000:1000) the container won't start due to it trying to access the NGINX config.
Do you have a method for running this as non-root and read-only?
Solution
Connect to the Docker Daemon as any user (root vs non-root) as long as the user is a part of the docker group. Ensure that the user is in that group and if the error still persists perform the following command;
sudo chown username:username /home/username/.docker -R
That assures user 1000:1000 has ownership of the default docker file. To assure this permissions is correct on docker you can run;
sudo chmod g+rwx "/home/username/.docker" -R
Copyright © 2020 Center for Internet Security® Privacy Policy