We are using gitlab-CE running in docker container, however its running as root.
For security purpose, running a container with root priviledges is not recommended, so we want to run the gitlab-ce container with normal user(non-root user).
We tried to run the gitlab-ce container with docker-compose using normal user flag and we have given the ownership of the normal user to the directory in which we are executing docker-compose, however its giving permission errors as below.
ln: failed to create symbolic link ‘/opt/gitlab/service/sshd’: Permission denied
Could you please guide me to fix this issue and also let us know is it possible whether to run gitlab-ce container as normal user(non-root user).
This might help for the first part since Docker would need to be configured properly to run as a non-root user:
as far as I see once the group membership and permissions issue is resolved, it shouldn’t be a problem. It shouldn’t be necessary to edit the Dockerfile for the deployment to tell it what user to run as, so from the Gitlab side no changes should be necessary.
Did anyone find a solution?
I also ran into this issue with GitLab 15.3.1-ee.0.
GitLab is probably switching user and/or permission at some point so I guess setting the right permissions for the volume binds is necessary but I didn’t find anything documented at the GitLab docs (i.e. which UID/PID).