Run composer scripts as www-data user in docker container
I am using composer to run some system workers on the docker container, which is normally started with the www-data user on remote servers.
When I run them on the docker container they are started by the root user which is not correct, because the www-data user can not stop them from the browser app.
composer.json
    ...
    "require": {
        ...
    },
    "scripts": {
        "worker:start": [
            "php path/to/the/script"
        ]
    },
    ...
Start the script on the docker container
composer worker:start
And top results
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1 root 20 0 267152 36396 29584 S 0.0 0.2 0:00.12 php-fpm
91 root 20 0 19132 4216 2208 S 0.0 0.0 0:00.04 sendmail-mta
103 www-data 20 0 267152 8952 2136 S 0.0 0.1 0:00.00 php-fpm
104 www-data 20 0 267152 8952 2136 S 0.0 0.1 0:00.00 php-fpm
154 root 20 0 2528 580 488 S 0.0 0.0 0:00.00 timeout
156 root 20 0 124460 56344 27900 S 0.0 0.4 0:00.18 php
157 root 20 0 2528 576 484 S 0.0 0.0 0:00.00 timeout
159 root 20 0 124460 55484 28224 S 0.0 0.3 0:00.19 php
160 root 20 0 2528 584 488 S 0.0 0.0 0:00.00 timeout
161 root 20 0 129012 61356 28020 S 0.0 0.4 0:00.27 php
162 root 20 0 4100 3428 2920 S 0.0 0.0 0:00.02 bash
168 root 20 0 7016 3360 2820 T 0.0 0.0 0:00.02 top
189 root 20 0 2528 576 484 S 0.0 0.0 0:00.00 timeout
191 root 20 0 124460 54948 27436 S 0.0 0.3 0:00.17 php
192 root 20 0 2528 576 484 S 0.0 0.0 0:00.00 timeout
194 root 20 0 122280 54548 28080 S 0.0 0.3 0:00.15 php
195 root 20 0 2528 640 548 S 0.0 0.0 0:00.00 timeout
196 root 20 0 128968 60336 27972 S 0.0 0.4 0:00.23 php
197 root 20 0 7016 3352 2812 R 0.0 0.0 0:00.00 top
As you see, only the php-fpm process is run with the www-data user.
How to configure the docker container to run all PHP processes as the www-data user instead of root?
Solution 1:[1]
The reason FPM is running with that user is because it's written in the FPM config file. So it doesn't run as the root user, but as the user in the config file.
For example, somewhere in one of your FPM config files are settings similar to the below:
[www]
user = www-data
group = www-data
Composer doesn't seem to do this. At least not by default or with its current configuration.
I suggest generally switching the user in the docker container, for security purposes. Put this at the end of your Dockerfile.
USER www-data
This is good security practice and should also fix your problem.
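An added example, not part of the original answer: a small wrapper for the case where the worker is started from a root shell inside the container. It drops to www-data before running the composer script and can list PHP workers still owned by another user. It assumes `runuser` (util-linux) and `ps` (procps) are present in the image; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes runuser (util-linux) and
# ps (procps) exist in the image; function names are hypothetical.

WORKER_USER="www-data"

# Exit 0 when the given uid (default: current uid) is root and therefore has
# to drop privileges before starting workers.
needs_drop() {
    [ "${1:-$(id -u)}" -eq 0 ]
}

# Start the composer script from the question as $WORKER_USER.
start_worker() {
    if needs_drop; then
        exec runuser -u "$WORKER_USER" -- composer worker:start
    fi
    exec composer worker:start
}

# Read "USER COMMAND" pairs on stdin and print the php processes that are not
# owned by $WORKER_USER. php-fpm is a different command name and is skipped.
misowned_workers() {
    awk -v want="$WORKER_USER" '$2 == "php" && $1 != want { print $1, $2 }'
}

case "${1:-}" in
    start) start_worker ;;
    audit) ps -eo user= -o comm= | misowned_workers ;;
esac
```

Saved as a script, `start` launches the worker and `audit` prints one line per PHP process that is not running as www-data; empty output means every worker has the expected owner.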
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 |
