From b3a1681fd81cae1abe67b1a2c0ad6f137593c6ea Mon Sep 17 00:00:00 2001 From: Michael Irwin Date: Mon, 16 Sep 2019 11:35:13 -0400 Subject: [PATCH] Add clarification when using USER UID:GI Signed-off-by: Michael Irwin --- docs/reference/builder.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/reference/builder.md b/docs/reference/builder.md index 2b24052255..3e19e10e55 100644 --- a/docs/reference/builder.md +++ b/docs/reference/builder.md @@ -1478,6 +1478,9 @@ The `USER` instruction sets the user name (or UID) and optionally the user group (or GID) to use when running the image and for any `RUN`, `CMD` and `ENTRYPOINT` instructions that follow it in the `Dockerfile`. +> Note that when specifying a group for the user, the user will have _only_ the +> specified group membership. Any other configured group memberships will be ignored. + > **Warning**: > When the user doesn't have a primary group then the image (or the next > instructions) will be run with the `root` group.