diff options
author | Huabing Zhao <zhaohuabing@gmail.com> | 2019-04-10 09:09:19 +0000 |
---|---|---|
committer | Huabing Zhao <zhaohuabing@gmail.com> | 2019-04-10 09:10:15 +0000 |
commit | 6aa307c93bb05223f8b0c797b6425041a298955e (patch) | |
tree | b50a7b535a8fa2bda7af3e86489a007a8ade555d /distributions/msb-discovery/src/main/docker | |
parent | b9bf181a6ece4f03735e75c6af350690cef24787 (diff) |
Run discovery as non-root user
Change-Id: I97ef4a92f991cd6d72a38b293ec14620050cad9e
Issue-ID: MSB-321
Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
Diffstat (limited to 'distributions/msb-discovery/src/main/docker')
-rw-r--r-- | distributions/msb-discovery/src/main/docker/Dockerfile | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/distributions/msb-discovery/src/main/docker/Dockerfile b/distributions/msb-discovery/src/main/docker/Dockerfile index 747790f..2058233 100644 --- a/distributions/msb-discovery/src/main/docker/Dockerfile +++ b/distributions/msb-discovery/src/main/docker/Dockerfile @@ -5,6 +5,14 @@ COPY msb-discover*.tar.gz /usr/src RUN tar -xzf /usr/src/msb-discover*.tar.gz -C /usr/local --strip-components=1; \
rm /usr/src/msb-discover*.tar.gz
+RUN apk add --no-cache shadow sudo && \
+ addgroup -g 1000 msb && \
+ adduser -D -u 1000 -G msb msb && \
+ echo "msb ALL=(root) NOPASSWD:ALL" > /etc/sudoers.d/msb && \
+ chmod 0440 /etc/sudoers.d/msb && \
+ chown -R msb:msb /usr/local
+USER msb
+
WORKDIR /usr/local
EXPOSE 10081
-ENTRYPOINT exec $PWD/startup4docker.sh
\ No newline at end of file +ENTRYPOINT exec $PWD/startup4docker.sh
|