diff --git a/Dockerfile b/Dockerfile index 199842d..a7c5609 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ FROM alpine:3.12 MAINTAINER "EEA: IDM2 A-Team" -RUN apk add --no-cache --virtual .run-deps rsync openssh tzdata curl ca-certificates && rm -rf /var/cache/apk/* +RUN apk add --no-cache --virtual .run-deps su-exec rsync openssh tzdata curl ca-certificates && rm -rf /var/cache/apk/* COPY docker-entrypoint.sh / ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 1cf16e6..20034b5 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -16,10 +16,12 @@ if [ "$RSYNC_UID" != "" ] && [ "$RSYNC_GID" != "" ]; then echo "rsyncuser:x:$RSYNC_UID:$RSYNC_GID::/home/rsyncuser:/bin/sh" >> /etc/passwd echo "users:x:$RSYNC_GID:rsyncuser" >> /etc/group RSYNC_USER=rsyncuser + RSYNC_GROUP=users else # UID and GID not provided echo "UID and GID are NOT provided. Proceeding as the root user." RSYNC_USER=root + RSYNC_GROUP=root fi # Provide SSH_AUTH_KEY_* via environment variable @@ -72,7 +74,7 @@ if [ "$1" == "server" ]; then echo "Running: /usr/sbin/sshd $SSH_PARAMS " echo "================================================================================" - exec /usr/sbin/sshd -D $SSH_PARAMS + su-exec $RSYNC_USER:$RSYNC_GROUP /usr/sbin/sshd -D $SSH_PARAMS fi echo "Please add this ssh key to your server /home/user/.ssh/authorized_keys " @@ -85,10 +87,10 @@ echo "========================================================================== ################################################################################ if [ "$1" == "client" ]; then - exec /usr/sbin/crond -f + su-exec $RSYNC_USER:$RSYNC_GROUP /usr/sbin/crond -f fi ################################################################################ # Anything else ################################################################################ -exec "$@" +su-exec $RSYNC_USER:$RSYNC_GROUP "$@"
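Review bot: `RSYNC_GROUP=users` in the UID/GID branch makes the later `su-exec $RSYNC_USER:$RSYNC_GROUP` calls resolve the group by name, but the context lines just above only append a second `users:x:$RSYNC_GID:rsyncuser` entry to /etc/group. If the base image already defines a `users` group (Alpine's stock /etc/group appears to, with a fixed GID), a name lookup will most likely return that first entry. The process would then run with the stock GID instead of `$RSYNC_GID`, and files written to mounted volumes would get an unintended group. Using the numeric id avoids the ambiguity: `RSYNC_GROUP=$RSYNC_GID`. The enclosing `if` starts above the hunk, so the handling of an already existing user or group could not be checked here.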
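Review bot: The replacement for `exec /usr/sbin/sshd -D $SSH_PARAMS` drops the `exec`, so the entrypoint shell stays as PID 1 with sshd as its child. Stop signals from the runtime are then delivered to the shell rather than to the daemon, and when sshd exits the script falls through to the `echo "Please add this ssh key ..."` line after `fi` instead of ending. Keep the process replacement and quote the identity: `exec su-exec "$RSYNC_USER:$RSYNC_GROUP" /usr/sbin/sshd -D $SSH_PARAMS`. The same applies to the `crond -f` line and the final `"$@"` line in the next hunk. The `if [ "$1" == "server" ]` block starts outside this hunk.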
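Review bot: Running `/usr/sbin/crond -f` through `su-exec` as `rsyncuser` needs a check that the daemon still works without root; the same question applies to sshd in the previous hunk. A cron daemon normally needs root to read the crontab spool and switch to the job owner, and sshd needs it to read host keys, bind a privileged port and change to the login user, so both may fail at start-up or on the first job or login when `RSYNC_UID`/`RSYNC_GID` are set. If only the rsync transfers need the reduced identity, keep `exec /usr/sbin/crond -f` as it was and apply `su-exec "$RSYNC_USER:$RSYNC_GROUP"` to the job command instead. Otherwise add a comment above the call stating the requirement, for example `# crond runs unprivileged: crontab and key files must be owned by $RSYNC_USER`. The code that writes the crontab is outside the hunk, so the file ownership it sets could not be verified here.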