Public | Automated Build

Last pushed: 3 months ago
Short Description
Alpine + grep sed tar unzip libcap su-exec
Full Description

docker image: alpinebase [Layer 1]

This layer 1 docker image is built upon alpine image 3.6 tag with edge enhancement,
which itself is built from Alpine Linux v3.6
branch for best support of DNS search paths and new packages, such as php7@edge/testing repository.
If the intent is to be a minimal base for single-service containers, using @testing is not expected to cause issues.
For multi-process containers, it may generate some unexpected results. Please do more testing before production.


Install su-exec instead of gosu to restrict user privileges. Symlink sux->su-exec. Usage:
exec sux daemon cmdname which drops root privileges to act as user daemon.


Packages: grep sed tar unzip libcap su-exec

Files and Folders:





    www         [Owner:www-data:www-data]

Users and Groups:


libcap Usage and Caveats

Use setcap@libcap to grant PORT<=1024 access to non-root system users(UID<=999) such as 80, 443 etc. Usage:
setcap CAP_NET_BIND_SERVICE=+eip /usr/bin/go-dnsmasq
setcap will fail during docker image building if the host kernel hadn't been compiled with a proper config line CONFIG_AUFS_XATTR=y for the aufs filesystem driver.
Check if the kernel has it: grep AUFS /boot/config* or grep AUFS_X /boot/config*

Workarounds(Don't choose aufs):
In default config /etc/default/docker or systemd service unit /lib/systemd/system/docker.service add a line or edit an existing DOCKER_OPTS line:
--mtu 1400 --storage-driver=devicemapper to use DeviceMapper, OR
--mtu 1400 --storage-driver=overlay to use OverlayFS/2 if possible.
sudo systemctl restart docker.service and build docker image with setcap agian.


  • latest tracks the latest tag from upstream
  • 36e indicates the os version of the edge, i.e, 36e=3.6+edge

This includes the edge @community and @edge, @testing repositories where @ means masked.
To install them, please use apk-install pkg1@edge pkg2@community pkg3@testing.


Apache 2.0

Docker Pull Command
Source Repository

Comments (0)