chore: define user directory for binaries (#117)

* chore: define user directory for binaries Signed-off-by: Vitaliy Gulyy <[email protected]>
devfile · Sep 6, 2023 · 4304474 · 4304474
1 parent 1f83bab
commit 4304474
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 3 deletions.
diff --git a/universal/ubi8/Dockerfile b/universal/ubi8/Dockerfile
@@ -79,6 +79,11 @@ ENV KUBECONFIG=/home/user/.kube/config
 
 USER 0
 
+# Define user directory for binaries
+RUN mkdir -p /home/user/.local/bin && \
+    chgrp -R 0 /home && chmod -R g=u /home
+ENV PATH="/home/user/.local/bin:$PATH"
+
 # Required packages for AWT
 RUN dnf install -y libXext libXrender libXtst libXi
 
@@ -445,7 +450,7 @@ rm -rf "${TEMP_DIR}"
 EOF
 
 # Set permissions on /etc/passwd and /home to allow arbitrary users to write
-RUN mkdir -p /home/user && chgrp -R 0 /home && chmod -R g=u /etc/passwd /etc/group /home
+RUN chgrp -R 0 /home && chmod -R g=u /etc/passwd /etc/group /home
 
 # cleanup dnf cache
 RUN dnf -y clean all --enablerepo='*'

diff --git a/universal/ubi8/entrypoint.sh b/universal/ubi8/entrypoint.sh
@@ -26,7 +26,6 @@ if [ "${KUBEDOCK_ENABLED:-false}" = "true" ]; then
 
     echo "Replacing podman with podman-wrapper..."
 
-    mkdir -p /home/user/.local/bin/
     ln -f -s /usr/bin/podman.wrapper /home/user/.local/bin/podman
 
     export TESTCONTAINERS_RYUK_DISABLED="true"
@@ -39,7 +38,6 @@ else
     echo "Kubedock is disabled. It can be enabled with the env variable \"KUBEDOCK_ENABLED=true\""
     echo "set in the workspace Devfile or in a Kubernetes ConfigMap in the developer namespace."
     echo
-    mkdir -p /home/user/.local/bin/
     ln -f -s /usr/bin/podman.orig /home/user/.local/bin/podman
 fi