Marown/yacy_search_server
1
0
Fork 0
mirror of https://github.com/yacy/yacy_search_server.git synced 2024-09-19 00:01:41 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Set process as non-root with "USER" instruction.

Browse Source 
Thus there is no need to get sudo package.
This commit is contained in:
luc 2016-05-31 09:50:37 +02:00
parent e180170152
commit 59e4f29687
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docker/Dockerfile
View File

@ -7,8 +7,7 @@ FROM java:latest
RUN apt-get update && apt-get install -yq \
ant \
git \
curl \
sudo
curl
# trace java version
RUN java -version
@ -50,5 +49,8 @@ EXPOSE 8090
# Set data volume : yacy data and configuration will persist aven after container stop or destruction
VOLUME ["/opt/yacy_search_server/DATA"]
# Start yacy as non-root process in debug mode (-d) to display console logs and to wait for yacy process
CMD sudo -u yacy sh /opt/yacy_search_server/startYACY.sh -d
# Next commands run as yacy as non-root user for improved security
USER yacy
# Start yacy in debug mode (-d) to display console logs and to wait for yacy process
CMD sh /opt/yacy_search_server/startYACY.sh -d