hadolint/DL3046¶

useradd without flag -l and high UID will result in excessively large image.

Property	Value
Severity	Warning
Category	Performance
Default	Enabled
Auto-fix	Yes (`--fix`)

Description¶

Without the -l or --no-log-init flag, useradd will add the user to the lastlog and faillog databases. This can result in the creation of logically large (sparse) files under /var/log, which inflates container image sizes due to the lack of support for sparse files in overlay filesystems.

Examples¶

Problematic code¶

RUN useradd -u 123456 foobar

Correct code¶

RUN useradd -l -u 123456 foobar

Auto-fix¶

Inserts -l flag after useradd when UID is greater than 99999 and -l/--no-log-init is not already present.

# Before
RUN useradd -u 100001 appuser

# After (with --fix)
RUN useradd -u 100001 -l appuser

Reference¶

hadolint/DL3046