From 28ba0e13980726960df5b8b6392d71cd25b9cb65 Mon Sep 17 00:00:00 2001 From: Nick Andrew Date: Mon, 17 Nov 2014 01:29:49 +1100 Subject: [PATCH] Remove sudo access Not required by the application; debugging can be done with 'nsenter' or 'docker-enter' - see https://github.com/jpetazzo/nsenter --- Dockerfile | 7 ++----- scripts/start.sh | 2 +- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index c400873..751fa08 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ RUN apt-get update # Install supervisor for managing services -RUN apt-get install -q -y supervisor cron openssh-server pwgen reprepro screen vim-tiny sudo nginx +RUN apt-get install -q -y supervisor cron openssh-server pwgen reprepro screen vim-tiny nginx # Configure cron @@ -31,10 +31,8 @@ RUN echo "daemon off;" >> /etc/nginx/nginx.conf RUN rm -f /etc/nginx/sites-enabled/default ADD configs/nginx-default.conf /etc/nginx/sites-enabled/default -# Setup root & sudo access +# Setup root access RUN echo "root:docker" | chpasswd -RUN echo %sudo ALL=NOPASSWD: ALL >> /etc/sudoers - # Configure supervisor RUN service supervisor stop @@ -54,4 +52,3 @@ VOLUME ["/docker/keys", "/docker/incoming", "/repository"] EXPOSE 80 EXPOSE 22 CMD ["/usr/local/sbin/start"] - diff --git a/scripts/start.sh b/scripts/start.sh index 56b15af..1e6534c 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -8,7 +8,7 @@ # let's create a user to SSH into SSH_USERPASS=`pwgen -c -n -1 8` mkdir /home/user -useradd -G sudo -d /home/user -s /bin/bash user +useradd -d /home/user -s /bin/bash user chown -R user /home/user chown -R user /docker/incoming