From ffc718e8c06e7ceb215341e1d39e0f56ce35ec30 Mon Sep 17 00:00:00 2001 From: Paul Tiedtke Date: Fri, 27 Mar 2020 06:45:55 +0100 Subject: [PATCH] docker: add support for arbitrary user ids (for OpenShift compatibility) This solves a compatibility problem with OpenShift. In OpenShift security model, the containers are run by arbitrary user ids, but the users are always a member of the root group. This PR adjusts the permissions accordingly. Documentation reference: https://docs.openshift.com/container-platform/3.11/creating_images/guidelines.html#use-uid --- Dockerfile | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 509961261..4ff9f2ffa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -25,13 +25,13 @@ ENV NODE_ENV=development # that do not allow images running as root. RUN useradd --uid 5001 --create-home etherpad -RUN mkdir /opt/etherpad-lite && chown etherpad:etherpad /opt/etherpad-lite +RUN mkdir /opt/etherpad-lite && chown etherpad:0 /opt/etherpad-lite -USER etherpad:etherpad +USER etherpad WORKDIR /opt/etherpad-lite -COPY --chown=etherpad:etherpad ./ ./ +COPY --chown=etherpad:0 ./ ./ # install node dependencies for Etherpad RUN bin/installDeps.sh && \ @@ -44,7 +44,10 @@ RUN bin/installDeps.sh && \ RUN for PLUGIN_NAME in ${ETHERPAD_PLUGINS}; do npm install "${PLUGIN_NAME}"; done # Copy the configuration file. -COPY --chown=etherpad:etherpad ./settings.json.docker /opt/etherpad-lite/settings.json +COPY --chown=etherpad:0 ./settings.json.docker /opt/etherpad-lite/settings.json + +# Fix permissions for root group +RUN chmod -R g=u . EXPOSE 9001 CMD ["node", "node_modules/ep_etherpad-lite/node/server.js"]