From 6ddae45ba68ddc13b281fedd4c9a09404dc7bcf9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Wed, 28 Jun 2023 15:11:39 +0200 Subject: [PATCH 1/2] Run Zookeeper container with user 'zookeeper' instead of root Fixes #538 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jan Høydahl --- docker/Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker/Dockerfile b/docker/Dockerfile index 1ef1fbdc..50aa9e6c 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -22,3 +22,5 @@ COPY --from=0 /zu/build/libs/zu.jar /opt/libs/ RUN apt-get -q update && \ apt-get install -y dnsutils curl procps socat + +USER zookeeper \ No newline at end of file From 137ed8f13bddad3739d280deab47380d797e857c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20H=C3=B8ydahl?= Date: Wed, 28 Jun 2023 15:27:32 +0200 Subject: [PATCH 2/2] Change ownership of files from this dockerfile to 'zookeeper' MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jan Høydahl --- docker/Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 50aa9e6c..5a01563e 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -17,10 +17,11 @@ RUN ./gradlew --console=verbose --info shadowJar FROM ${DOCKER_REGISTRY:+$DOCKER_REGISTRY/}zookeeper:3.7.1 COPY bin /usr/local/bin -RUN chmod +x /usr/local/bin/* COPY --from=0 /zu/build/libs/zu.jar /opt/libs/ RUN apt-get -q update && \ + chmod +x /usr/local/bin/* && \ + chown zookeeper:zookeeper /usr/local/bin/* /opt/libs/* && \ apt-get install -y dnsutils curl procps socat USER zookeeper \ No newline at end of file