https://prefect.io logo
#prefect-community
Title
# prefect-community
j

Jeff Brainerd

03/11/2020, 3:14 PM
Hey Prefect team, would like to upvote the issue to provide ability to run prefect flow container as non-root. This is definitely a problem for us. https://github.com/PrefectHQ/prefect/issues/2025 Does anyone have a workaround?
c

Chris White

03/11/2020, 4:02 PM
Hey @Jeff Brainerd! The other user that experienced this ended up doing the following for now:
We got this to work by setting chmod for group 0 on /.prefect and /root/.prefect/flows directories
We can re-prioritize the issue for you as well 👍
j

Jeff Brainerd

03/11/2020, 4:03 PM
thanks! will try that
👍 1
s

Scott Zelenka

03/13/2020, 2:35 PM
@Jeff Brainerd here's the Dockerfile we used to get this to run as non-root in OpenShift:
Copy code
ARG PREFECT_VERSION
ARG PYTHON_VERSION
FROM prefecthq/prefect:${PREFECT_VERSION}-python${PYTHON_VERSION}

#=====
# setup /etc/passwd for 'root' group access
#=====
RUN mkdir -p /.prefect /root/.prefect/flows \
    && chgrp -R 0 \
        /etc/passwd \
        /run \
        /.prefect \
        /root/.prefect \
    && chmod -R g+rwX \
        /etc/passwd \
        /run \
        /.prefect \
        /root/.prefect \
    && chmod 770 \
        /etc/passwd
j

Jeff Brainerd

03/13/2020, 2:58 PM
Nice, thank you for sharing!