aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFederico Gimenez <fgimenez@users.noreply.github.com>2018-04-05 20:14:32 +0800
committerFelix Lange <fjl@users.noreply.github.com>2018-04-05 20:14:32 +0800
commit50dbe8e2444cfc171930cb82cc99017f6a0aadf2 (patch)
tree91a0c7541a4b73a293e60d89d0555bc72ed69a82
parentec8ee611caefb5c5ad5d796178e94c1919260df4 (diff)
downloadgo-tangerine-50dbe8e2444cfc171930cb82cc99017f6a0aadf2.tar.gz
go-tangerine-50dbe8e2444cfc171930cb82cc99017f6a0aadf2.tar.zst
go-tangerine-50dbe8e2444cfc171930cb82cc99017f6a0aadf2.zip
Dockerfile: use non-privileged user account (#16052)
-rw-r--r--Dockerfile6
-rw-r--r--Dockerfile.alltools6
2 files changed, 12 insertions, 0 deletions
diff --git a/Dockerfile b/Dockerfile
index 29cdc80f9..a5f450d19 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,5 +12,11 @@ FROM alpine:latest
RUN apk add --no-cache ca-certificates
COPY --from=builder /go-ethereum/build/bin/geth /usr/local/bin/
+RUN addgroup -g 1000 geth && \
+ adduser -h /root -D -u 1000 -G geth geth && \
+ chown geth:geth /root
+
+USER geth
+
EXPOSE 8545 8546 30303 30303/udp 30304/udp
ENTRYPOINT ["geth"]
diff --git a/Dockerfile.alltools b/Dockerfile.alltools
index 1047738d2..2175edbcb 100644
--- a/Dockerfile.alltools
+++ b/Dockerfile.alltools
@@ -12,4 +12,10 @@ FROM alpine:latest
RUN apk add --no-cache ca-certificates
COPY --from=builder /go-ethereum/build/bin/* /usr/local/bin/
+RUN addgroup -g 1000 geth && \
+ adduser -h /root -D -u 1000 -G geth geth \
+ chown geth:geth /root
+
+USER geth
+
EXPOSE 8545 8546 30303 30303/udp 30304/udp