From 50dbe8e2444cfc171930cb82cc99017f6a0aadf2 Mon Sep 17 00:00:00 2001 From: Federico Gimenez Date: Thu, 5 Apr 2018 14:14:32 +0200 Subject: [PATCH] Dockerfile: use non-privileged user account (#16052) --- Dockerfile | 6 ++++++ Dockerfile.alltools | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/Dockerfile b/Dockerfile index 29cdc80f96..a5f450d19b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,5 +12,11 @@ FROM alpine:latest RUN apk add --no-cache ca-certificates COPY --from=builder /go-ethereum/build/bin/geth /usr/local/bin/ +RUN addgroup -g 1000 geth && \ + adduser -h /root -D -u 1000 -G geth geth && \ + chown geth:geth /root + +USER geth + EXPOSE 8545 8546 30303 30303/udp 30304/udp ENTRYPOINT ["geth"] diff --git a/Dockerfile.alltools b/Dockerfile.alltools index 1047738d25..2175edbcb7 100644 --- a/Dockerfile.alltools +++ b/Dockerfile.alltools @@ -12,4 +12,10 @@ FROM alpine:latest RUN apk add --no-cache ca-certificates COPY --from=builder /go-ethereum/build/bin/* /usr/local/bin/ +RUN addgroup -g 1000 geth && \ + adduser -h /root -D -u 1000 -G geth geth \ + chown geth:geth /root + +USER geth + EXPOSE 8545 8546 30303 30303/udp 30304/udp