docker: switch to non-root user

This commit is contained in:
Glenn Y. Rolland 2021-11-30 14:02:48 +01:00
parent 9298ecdcb3
commit dd5b7d8591
2 changed files with 12 additions and 2 deletions

View file

@ -8,7 +8,7 @@ RUN apt-get update \
&& truncate -s 0 /var/log/*log && truncate -s 0 /var/log/*log
RUN apt-get update \ RUN apt-get update \
&& apt-get install -y --no-install-recommends make build-essential inotify-tools chromium \ && apt-get install -y --no-install-recommends make build-essential inotify-tools chromium gosu \
&& apt-get clean \ && apt-get clean \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \ && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
&& truncate -s 0 /var/log/*log && truncate -s 0 /var/log/*log
@ -22,5 +22,6 @@ ENV LC_ALL=C
RUN make prepare RUN make prepare
ENTRYPOINT ["/app/docker/entrypoint.sh"] ENTRYPOINT ["/app/docker/entrypoint.sh"]
CMD ["watch"] CMD ["watch"]

View file

@ -1,6 +1,15 @@
#!/bin/sh #!/bin/sh
set -u
set -e
ARGS="$*" ARGS="$*"
echo "Arguments: $ARGS" echo "Arguments: $ARGS"
exec make "$@" EXT_UID=${EXT_UID:-999}
EXT_GID=${EXT_GID:-999}
groupadd -g "$EXT_GID" appuser
useradd -r -u "$EXT_UID" -g appuser appuser
exec gosu appuser make "$@"