diff options
| author |   tangpeng <tang.peng5@zte.com.cn> | 2019-02-26 09:04:48 +0000 |
|---|---|---|
| committer | tangpeng <tang.peng5@zte.com.cn> | 2019-02-26 09:04:48 +0000 |
| commit | 967f08b3eba7c03b3a11247d680e7ac22edf97c3 (patch) | |
| tree | 7f7fa352a355326235434d953fbac497ce7d49fa | |
| parent | 4ee99cc3042dd6ea511dd0fb065a88994109486b (diff) | |
Run the app with a non-root user
Change-Id: I7b1edd635fc7aac7edbf2befaf107ea1deb9aff2
Issue-ID: HOLMES-202
Signed-off-by: tangpeng <tang.peng5@zte.com.cn>
| -rw-r--r-- | rulemgt-standalone/src/main/assembly/Dockerfile | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/rulemgt-standalone/src/main/assembly/Dockerfile b/rulemgt-standalone/src/main/assembly/Dockerfile index 106d7ac..ddd48cd 100644 --- a/rulemgt-standalone/src/main/assembly/Dockerfile +++ b/rulemgt-standalone/src/main/assembly/Dockerfile @@ -45,11 +45,17 @@ ADD holmes-frontend.key /etc/ssl/private ADD holmes-frontend-selfsigned.crt /etc/ssl/certs ADD dhparam.pem /etc/ssl/certs +#switch the user to holmes +RUN addgroup -S holmes && adduser -S -G holmes holmes + #add the backend package to the docker image RUN mkdir /home/holmes WORKDIR /home/holmes ADD holmes-rulemgt-standalone-*-linux64.tar.gz /home/holmes/ +RUN chmod -R a+rw /home/holmes/ +RUN chmod -R a+rw /var/log/ RUN chmod 755 /home/holmes/bin/*.sh +USER holmes CMD ["sh", "/home/holmes/bin/run.sh"] |