From 9ddf2819db0994ddbaab97159e78b1758718cd2b Mon Sep 17 00:00:00 2001
From: Pawel Wieczorek
Date: Mon, 30 Mar 2020 11:40:12 +0200
Subject: Migrate Dockerfile.be to unprivileged user
Issue-ID: PORTAL-849
Change-Id: I58fe742980a24039114033a82fe785a1093391bf
Signed-off-by: Pawel Wieczorek
(cherry picked from commit 047385e55632a1dd6398e414aa82397f380e449f)
---
deliveries/Dockerfile.be | 2 ++
1 file changed, 2 insertions(+)
(limited to 'deliveries/Dockerfile.be')
diff --git a/deliveries/Dockerfile.be b/deliveries/Dockerfile.be
index afc39816..21bb1a2c 100644
--- a/deliveries/Dockerfile.be
+++ b/deliveries/Dockerfile.be
@@ -39,7 +39,9 @@ RUN cd ${PORTALCONTEXT} && unzip -q *.war && rm *.war
VOLUME ${TOMCATHOME}/logs
+# Switch to unprivileged user
RUN addgroup -g 1000 -S portal && adduser -u 1000 -S portal -G portal && chown -R portal:portal . && chmod -R 777 /etc/ssl/certs/java /var/
+USER portal
# Switch back to root
WORKDIR /
--
cgit 1.2.3-korg