glenux/docmachine-containers
glenux/docmachine-containers
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity

docker: switch to non-root user

Browse source
This commit is contained in:
Glenn Y. Rolland 2021-11-30 14:02:48 +01:00
parent e7bfbca9dc
commit 4131813fa5
2 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
docker/Dockerfile
View file

@ -8,7 +8,7 @@ RUN apt-get update \
&& truncate -s 0 /var/log/*log && truncate -s 0 /var/log/*log
RUN apt-get update \ RUN apt-get update \
&& apt-get install -y --no-install-recommends make build-essential inotify-tools chromium \ && apt-get install -y --no-install-recommends make build-essential inotify-tools chromium gosu \
&& apt-get clean \ && apt-get clean \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
&& truncate -s 0 /var/log/*log && truncate -s 0 /var/log/*log
@ -22,5 +22,6 @@ ENV LC_ALL=C
RUN make prepare RUN make prepare
ENTRYPOINT ["/app/docker/entrypoint.sh"] ENTRYPOINT ["/app/docker/entrypoint.sh"]
CMD ["watch"] CMD ["watch"]

11
docker/entrypoint.sh
View file

@ -1,6 +1,15 @@
#!/bin/sh #!/bin/sh
set -u
set -e
ARGS="$*" ARGS="$*"
echo "Arguments: $ARGS" echo "Arguments: $ARGS"
exec make "$@" EXT_UID=${EXT_UID:-999}
EXT_GID=${EXT_GID:-999}
groupadd -g "$EXT_GID" appuser
useradd -r -u "$EXT_UID" -g appuser appuser
exec gosu appuser make "$@"