MIRRORS/layerindex-web
1
0
Fork 0
mirror of git://git.yoctoproject.org/layerindex-web.git synced 2025-07-19 20:59:01 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

docker: ensure application files are owned by root

Browse Source 
We really don't want the layers user to be able to write to the
application code / settings in /opt/workdir or /opt/bin within the
layersapp container - only selected directories under /opt. It appears
that we only need to set the ownership on /opt/workdir for now.

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
This commit is contained in:
Paul Eggleton 2019-05-09 17:21:35 +12:00
parent 3cd5976a7a
commit 145ddcf4ba
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Dockerfile
View File

@ -60,7 +60,7 @@ COPY docker/migrate.sh /opt/migrate.sh
RUN mkdir /opt/workdir \ RUN mkdir /opt/workdir \
&& adduser --system --uid=500 layers \ && adduser --system --uid=500 layers \
&& chown -R layers /opt && chown -R layers /opt/workdir
USER layers USER layers
# Always copy in .gitconfig and proxy helper script (they need editing to be active) # Always copy in .gitconfig and proxy helper script (they need editing to be active)