+# Switch to a non-root user for security reasons.
+# a1 does not currently write into any dirs so no chowns are needed at this time.
+ENV A1USER a1user
+RUN addgroup -S $A1USER && adduser -S -G $A1USER $A1USER
+USER $A1USER
+
+# misc setups
+EXPOSE 10000
+ENV LD_LIBRARY_PATH /usr/local/lib/:/usr/local/lib64