From 232a02fd14424655d88f249c76ff792d847aded7 Mon Sep 17 00:00:00 2001 From: yangyan Date: Wed, 4 Mar 2020 21:06:28 +0800 Subject: Remove sudo capability for onap user for VF-C multivimproxy docker Change-Id: Iea8cff3de24280e809ee63d769aba67ae59039b0 Issue-ID: VFC-1640 Signed-off-by: yangyan --- docker/docker-env-config.sh | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/docker/docker-env-config.sh b/docker/docker-env-config.sh index 557fbc1..3c8cb18 100644 --- a/docker/docker-env-config.sh +++ b/docker/docker-env-config.sh @@ -4,10 +4,8 @@ install_sf(){ sed -i 's/enabled=1/enabled=0/' /etc/yum/pluginconf.d/fastestmirror.conf sed -i 's|#baseurl=http://mirror.centos.org/centos|baseurl=http://mirrors.ocf.berkeley.edu/centos|' /etc/yum.repos.d/*.repo yum update -y - yum install -y wget unzip socat java-1.8.0-openjdk-headless sed -i 's|#networkaddress.cache.ttl=-1|networkaddress.cache.ttl=10|' /usr/lib/jvm/jre/lib/security/java.security - # Set up tomcat wget -q https://archive.apache.org/dist/tomcat/tomcat-8/v8.5.30/bin/apache-tomcat-8.5.30.tar.gz && \ tar --strip-components=1 -xf apache-tomcat-8.5.30.tar.gz && \ @@ -30,15 +28,14 @@ install_sf(){ add_user(){ useradd onap - yum -y install sudo - chmod u+x /etc/sudoers - sed -i '/Same thing without a password/a\onap ALL=(ALL:ALL) NOPASSWD:ALL' /etc/sudoers - chmod u-x /etc/sudoers chown onap:onap -R /service + chmod g+s /service + setfacl -d --set u:onap:rwx /service + } clean_sf_cache(){ - + yum clean all } -- cgit 1.2.3-korg