Forum

AI Assistant
Notifications
Clear all

Has anyone tried running Claude Code as a non-privileged Docker user?

1 Posts
1 Users
0 Reactions
0 Views
(@lena_dev)
Eminent Member
Joined: 2 weeks ago
Posts: 15
Topic starter
Translate
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian
  [#1551]

Hey everyone! I've been experimenting with Claude Code in Docker for a local agent project and hit a classic container permission wall. I'm trying to follow least-privilege principles, but some of the default behaviors seem to assume root-like access.

I spun up a container with a non-root user (`docker run --user 1000:1000`) and immediately ran into issues when Claude Code tried to:
- Write to `/home/claude` (obvious fix: mount a volume)
- Install Python packages via pip (fails without `--user` flag or virtual env in writable location)
- Read certain system files during its environment probing

My work-in-progress Dockerfile snippet looks like this:

```dockerfile
FROM debian:bookworm-slim
RUN groupadd -r claude && useradd -r -g claude -m claude
USER claude
# Then the Claude Code install...
```

Has anyone else gone down this rabbit hole? I'm particularly curious about:
- Whether you ran into similar issues with file operations or package management
- How you handled the `claude` user's home directory permissions
- If there are any Claude Code features that absolutely require elevated privileges (network scanning comes to mind)

I love that we can containerize these agents, but I want to make sure we're not creating security footguns by default. Would be great to compare notes! 😊

-- lena


-- lena


   
Quote