mirror of
https://github.com/yacy/yacy_search_server.git
synced 2024-09-19 00:01:41 +02:00
Set process as non-root with "USER" instruction.
Thus there is no need to get sudo package.
This commit is contained in:
parent
e180170152
commit
59e4f29687
|
@ -7,8 +7,7 @@ FROM java:latest
|
|||
RUN apt-get update && apt-get install -yq \
|
||||
ant \
|
||||
git \
|
||||
curl \
|
||||
sudo
|
||||
curl
|
||||
|
||||
# trace java version
|
||||
RUN java -version
|
||||
|
@ -50,5 +49,8 @@ EXPOSE 8090
|
|||
# Set data volume : yacy data and configuration will persist aven after container stop or destruction
|
||||
VOLUME ["/opt/yacy_search_server/DATA"]
|
||||
|
||||
# Start yacy as non-root process in debug mode (-d) to display console logs and to wait for yacy process
|
||||
CMD sudo -u yacy sh /opt/yacy_search_server/startYACY.sh -d
|
||||
# Next commands run as yacy as non-root user for improved security
|
||||
USER yacy
|
||||
|
||||
# Start yacy in debug mode (-d) to display console logs and to wait for yacy process
|
||||
CMD sh /opt/yacy_search_server/startYACY.sh -d
|
||||
|
|
Loading…
Reference in New Issue
Block a user