From f05753be7172213300557f9edec4eee9c9d29ce7 Mon Sep 17 00:00:00 2001
From: Sam Erika Clotfelter
Date: Sun, 10 Mar 2024 13:55:20 -0400
Subject: [PATCH 1/3] set group in COPY
---
 Dockerfile | 2 +-
 Dockerfile.dev | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 65c5e681..4774dc04 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -20,7 +20,7 @@ WORKDIR /app
 RUN adduser radicale --home /var/lib/radicale --system --uid 1000 --disabled-password \
 && apk add --no-cache ca-certificates openssl

-COPY --chown=radicale --from=builder /app/venv /app
+COPY --chown=radicale:nogroup --from=builder /app/venv /app

 # Persistent storage for data
 VOLUME /var/lib/radicale
diff --git a/Dockerfile.dev b/Dockerfile.dev
index b2d996ce..892f40a4 100644
--- a/Dockerfile.dev
+++ b/Dockerfile.dev
@@ -18,7 +18,7 @@ WORKDIR /app
 RUN adduser radicale --home /var/lib/radicale --system --uid 1000 --disabled-password \
 && apk add --no-cache ca-certificates openssl

-COPY --chown=radicale --from=builder /app/venv /app
+COPY --chown=radicale:nogroup --from=builder /app/venv /app

 # Persistent storage for data
 VOLUME /var/lib/radicale
@@ -28,4 +28,4 @@ EXPOSE 5232
 ENTRYPOINT [ "/app/bin/python", "/app/bin/radicale"]
 CMD ["--hosts", "0.0.0.0:5232"]

-USER radicale
\ No newline at end of file
+USER radicale
From a8a7e23a374836fb630a2dfa6a134f361693964d Mon Sep 17 00:00:00 2001
From: Sam Erika Clotfelter
Date: Wed, 13 Mar 2024 00:04:29 -0400
Subject: [PATCH 2/3] create radicale group
---
 Dockerfile | 5 +++--
 Dockerfile.dev | 5 +++--
 2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 4774dc04..3e99543e 100644
--- a/Dockerfile
+++ b/Dockerfile
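Review bot: The `COPY --chown=radicale:nogroup` line in the first Dockerfile hunk hands the whole virtualenv under /app, interpreter and installed packages included, to the account the service presumably runs as, so a compromised Radicale process could rewrite its own code. Only /var/lib/radicale looks like it has to be writable; unless something writes under /app at runtime (not visible in the hunk), leaving the copy root-owned is the tighter choice: `COPY --from=builder /app/venv /app`. The same applies to the matching COPY line in the Dockerfile.dev hunk and to the `radicale:radicale` variant in both hunks of the second patch.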
@@ -17,10 +17,11 @@ FROM python:3-alpine

 WORKDIR /app

-RUN adduser radicale --home /var/lib/radicale --system --uid 1000 --disabled-password \
+RUN addgroup radicale \
+ && adduser radicale --home /var/lib/radicale --system --uid 1000 --disabled-password -G radicale \
 && apk add --no-cache ca-certificates openssl

-COPY --chown=radicale:nogroup --from=builder /app/venv /app
+COPY --chown=radicale:radicale --from=builder /app/venv /app

 # Persistent storage for data
 VOLUME /var/lib/radicale
diff --git a/Dockerfile.dev b/Dockerfile.dev
index 892f40a4..0d9abe05 100644
--- a/Dockerfile.dev
+++ b/Dockerfile.dev
@@ -15,10 +15,11 @@ FROM python:3-alpine

 WORKDIR /app

-RUN adduser radicale --home /var/lib/radicale --system --uid 1000 --disabled-password \
+RUN addgroup radicale \
+ && adduser radicale --home /var/lib/radicale --system --uid 1000 --disabled-password -G radicale \
 && apk add --no-cache ca-certificates openssl

-COPY --chown=radicale:nogroup --from=builder /app/venv /app
+COPY --chown=radicale:radicale --from=builder /app/venv /app

 # Persistent storage for data
 VOLUME /var/lib/radicale
From 8b4e28a179b0b65f4e101d14aacec2bcdac8ee7b Mon Sep 17 00:00:00 2001
From: Sam Erika Clotfelter
Date: Wed, 13 Mar 2024 00:19:41 -0400
Subject: [PATCH 3/3] set group id explicitly
---
 Dockerfile | 2 +-
 Dockerfile.dev | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 3e99543e..914d06a9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -17,7 +17,7 @@ FROM python:3-alpine

 WORKDIR /app

-RUN addgroup radicale \
+RUN addgroup -g 1000 radicale \
 && adduser radicale --home /var/lib/radicale --system --uid 1000 --disabled-password -G radicale \
 && apk add --no-cache ca-certificates openssl

diff --git a/Dockerfile.dev b/Dockerfile.dev
index 0d9abe05..36ff98e5 100644
--- a/Dockerfile.dev
+++ b/Dockerfile.dev
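Review bot: The number 1000 now appears twice in the `RUN` line of the third patch's Dockerfile hunk (`addgroup -g 1000` and `--uid 1000`) with no comment saying why those ids are fixed. On most Linux hosts 1000 is the first regular login account, so data written to a bind-mounted /var/lib/radicale is typically owned by that host account unless user-namespace remapping is in use; if that is the intent, say so, e.g. `# UID/GID pinned to 1000 so ownership of a mounted /var/lib/radicale is predictable`. With both ids fixed, a numeric `USER 1000:1000` where the image drops privileges (Dockerfile.dev shows `USER radicale` in the first patch) would also let an orchestrator confirm the container is non-root without resolving the name. The same line is changed in the Dockerfile.dev hunk of this patch.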
@@ -15,7 +15,7 @@ FROM python:3-alpine

 WORKDIR /app

-RUN addgroup radicale \
+RUN addgroup -g 1000 radicale \
 && adduser radicale --home /var/lib/radicale --system --uid 1000 --disabled-password -G radicale \
 && apk add --no-cache ca-certificates openssl
