diff options
author | Huabing Zhao <zhaohuabing@gmail.com> | 2019-04-10 08:33:58 +0000 |
---|---|---|
committer | Huabing Zhao <zhaohuabing@gmail.com> | 2019-04-10 08:42:27 +0000 |
commit | 1db162bfcd9acafa3a19c80e3943f568c9f8874a (patch) | |
tree | ca4987460ffa8a9e6989cbb42cce14d62f89eeaf /distributions | |
parent | 4b2a245470e75932931cb47f97e2835ed7cd5778 (diff) |
Run API Gateway as non-root user
Change-Id: Iea0f47a7f425b7c812ee683af496b8a6b96dce13
Issue-ID: MSB-320
Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
Diffstat (limited to 'distributions')
-rw-r--r-- | distributions/msb-apigateway/src/main/docker/Dockerfile | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/distributions/msb-apigateway/src/main/docker/Dockerfile b/distributions/msb-apigateway/src/main/docker/Dockerfile index 466dc20..35de11e 100644 --- a/distributions/msb-apigateway/src/main/docker/Dockerfile +++ b/distributions/msb-apigateway/src/main/docker/Dockerfile @@ -4,6 +4,13 @@ COPY msb-apigateway*.tar.gz /usr/src RUN tar -xzf /usr/src/msb-apigateway*.tar.gz -C /usr/local --strip-components=1; \
rm /usr/src/msb-apigateway*.tar.gz
-
+RUN apk add --no-cache shadow sudo && \ + addgroup -g 1000 msb && \ + adduser -D -u 1000 -G msb msb && \ + echo "msb ALL=(root) NOPASSWD:ALL" > /etc/sudoers.d/msb && \ + chmod 0440 /etc/sudoers.d/msb && \ + chown -R msb:msb /usr/local +USER msb + WORKDIR /usr/local
ENTRYPOINT exec $PWD/startup4docker.sh |