glenux/docker-debian-repository
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Remove sudo access

Browse source 
Not required by the application; debugging can be done with 'nsenter'
or 'docker-enter' - see https://github.com/jpetazzo/nsenter
This commit is contained in:
Nick Andrew 2014-11-17 01:29:49 +11:00
parent 25bbb48dcf
commit 28ba0e1398
2 changed files with 3 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
Dockerfile
View file

@ -6,7 +6,7 @@ RUN apt-get update
# Install supervisor for managing services # Install supervisor for managing services
RUN apt-get install -q -y supervisor cron openssh-server pwgen reprepro screen vim-tiny sudo nginx RUN apt-get install -q -y supervisor cron openssh-server pwgen reprepro screen vim-tiny nginx
# Configure cron # Configure cron
@ -31,10 +31,8 @@ RUN echo "daemon off;" >> /etc/nginx/nginx.conf
RUN rm -f /etc/nginx/sites-enabled/default RUN rm -f /etc/nginx/sites-enabled/default
ADD configs/nginx-default.conf /etc/nginx/sites-enabled/default ADD configs/nginx-default.conf /etc/nginx/sites-enabled/default
# Setup root & sudo access # Setup root access
RUN echo "root:docker" | chpasswd RUN echo "root:docker" | chpasswd
RUN echo %sudo ALL=NOPASSWD: ALL >> /etc/sudoers
# Configure supervisor # Configure supervisor
RUN service supervisor stop RUN service supervisor stop
@ -54,4 +52,3 @@ VOLUME ["/docker/keys", "/docker/incoming", "/repository"]
EXPOSE 80 EXPOSE 80
EXPOSE 22 EXPOSE 22
CMD ["/usr/local/sbin/start"] CMD ["/usr/local/sbin/start"]

2
scripts/start.sh
View file

@ -8,7 +8,7 @@
# let's create a user to SSH into # let's create a user to SSH into
SSH_USERPASS=`pwgen -c -n -1 8` SSH_USERPASS=`pwgen -c -n -1 8`
mkdir /home/user mkdir /home/user
useradd -G sudo -d /home/user -s /bin/bash user useradd -d /home/user -s /bin/bash user
chown -R user /home/user chown -R user /home/user
chown -R user /docker/incoming chown -R user /docker/incoming