Skip to content

Commit

Permalink
ROX-20855: Reduce user permissions over docker-entrypoint.sh (#1542)
Browse files Browse the repository at this point in the history
  • Loading branch information
@msugakov
msugakov authored Jun 7, 2024
1 parent 0d41d4b commit c0dc1f0
Show file tree
Hide file tree
Showing 3 changed files with 1 addition and 7 deletions.
2 changes: 0 additions & 2 deletions image/db/rhel/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,8 +73,6 @@ RUN microdnf upgrade -y --nobest && \
rpm -e --nodeps $(rpm -qa shadow-utils curl '*rpm*' '*dnf*' '*libsolv*' '*hawkey*' 'yum*') && \
rm -rf /var/cache/dnf /var/cache/yum /tmp/postgres-libs.rpm /tmp/postgres-server.rpm /tmp/postgres.rpm /tmp/postgres-contrib.rpm && \
localedef -f UTF-8 -i en_US en_US.UTF-8 && \
chown postgres:postgres /usr/local/bin/docker-entrypoint.sh && \
chmod +x /usr/local/bin/docker-entrypoint.sh && \
mkdir /docker-entrypoint-initdb.d

# This is equivalent to postgres:postgres.
Expand Down
2 changes: 0 additions & 2 deletions image/db/rhel/Dockerfile.slim
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,8 +73,6 @@ RUN microdnf upgrade -y --nobest && \
rpm -e --nodeps $(rpm -qa shadow-utils curl '*rpm*' '*dnf*' '*libsolv*' '*hawkey*' 'yum*') && \
rm -rf /var/cache/dnf /var/cache/yum /tmp/postgres-libs.rpm /tmp/postgres-server.rpm /tmp/postgres.rpm /tmp/postgres-contrib.rpm && \
localedef -f UTF-8 -i en_US en_US.UTF-8 && \
chown postgres:postgres /usr/local/bin/docker-entrypoint.sh && \
chmod +x /usr/local/bin/docker-entrypoint.sh && \
mkdir /docker-entrypoint-initdb.d

# This is equivalent to postgres:postgres.
Expand Down
4 changes: 1 addition & 3 deletions image/db/rhel/konflux.Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,7 @@ COPY image/db/pg_hba.conf \
image/db/postgresql.conf \
/etc/

COPY --chown=postgres:postgres \
image/db/rhel/scripts/docker-entrypoint.sh \
COPY image/db/rhel/scripts/docker-entrypoint.sh \
/usr/local/bin/

RUN dnf upgrade -y --nobest && \
Expand All @@ -33,7 +32,6 @@ RUN dnf upgrade -y --nobest && \
dnf clean all && \
rpm --verbose -e --nodeps $(rpm -qa curl '*rpm*' '*dnf*' '*libsolv*' '*hawkey*' 'yum*') && \
rm -rf /var/cache/dnf /var/cache/yum && \
chmod +x /usr/local/bin/docker-entrypoint.sh && \
mkdir /docker-entrypoint-initdb.d

ENV PG_MAJOR=15 \
Expand Down

0 comments on commit c0dc1f0

Please sign in to comment.