diff options
author | Dan Timoney <dtimoney@att.com> | 2020-04-10 14:37:59 -0400 |
---|---|---|
committer | Dan Timoney <dtimoney@att.com> | 2020-04-10 14:37:59 -0400 |
commit | a31c872db42c4e4b538248fa67cfcdfea618b8cd (patch) | |
tree | b2dad634e9ac1cc1111c8e2b69a60f733dbc831c /ms/neng/src/main/docker | |
parent | 2bd0d092dfc2cf9594b9c135be2e7c12ff264507 (diff) |
Run naming service as non-root
Run naming service as non-root user ccsdk
Change-Id: I1dc2fee3c3b4bd1b3a0e22cfc45ae27620130a20
Issue-ID: CCSDK-2149
Signed-off-by: Dan Timoney <dtimoney@att.com>
Diffstat (limited to 'ms/neng/src/main/docker')
-rw-r--r-- | ms/neng/src/main/docker/Dockerfile | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/ms/neng/src/main/docker/Dockerfile b/ms/neng/src/main/docker/Dockerfile index 6225f35d..5327b11b 100644 --- a/ms/neng/src/main/docker/Dockerfile +++ b/ms/neng/src/main/docker/Dockerfile @@ -31,6 +31,11 @@ VOLUME /opt/etc ADD opt/etc/ /opt/etc/ #ADD /opt/aai/ /opt/aai/ ADD startService.sh /startService.sh +RUN addgroup -S ccsdk && adduser -S ccsdk -G ccsdk +RUN chown ccsdk:ccsdk /startService.sh +RUN chown -R ccsdk:ccsdk /opt +RUN chmod go+w /tmp RUN chmod 700 /startService.sh -ENTRYPOINT sh /startService.sh +USER ccsdk +ENTRYPOINT sh /startService.sh EXPOSE 8080 |