projects
/
lemmy.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
102124b
)
Update Dockerfile to run process as non-privileged user. (#3709)
author
asimons04
<69986579+asimons04@users.noreply.github.com>
Mon, 24 Jul 2023 13:51:51 +0000
(09:51 -0400)
committer
GitHub
<noreply@github.com>
Mon, 24 Jul 2023 13:51:51 +0000
(09:51 -0400)
docker/Dockerfile
patch
|
blob
|
history
diff --git
a/docker/Dockerfile
b/docker/Dockerfile
index e81d9d0c270e39ca90a08c00584a0b32892177d8..02c2e572c9e7c69f4744ca7b3836c3eec1ba191e 100644
(file)
--- a/
docker/Dockerfile
+++ b/
docker/Dockerfile
@@
-37,4
+37,9
@@
RUN apk add --no-cache libpq
# Copy resources
COPY --from=builder /app/lemmy_server /app/lemmy
+# Create non-privileged user
+RUN adduser -h /app -s sh -S -u 1000 lemmy
+RUN chown -R lemmy /app
+USER lemmy
+
CMD ["/app/lemmy"]