Commit 0cae071e5abb727175f72b394c2f6c1ae1e1a4e1
Committed by
GitHub
GitHub
1 parent
1599b24c
Make executable files to be able to run by non root and non thingsboa… (#2698)
* Make executable files to be able to run by non root and non thingsboard user (to be in sync with OpenShift policies) * Added default yes to agreement
Showing
6 changed files
with
18 additions
and
6 deletions
| ... | ... | @@ -21,10 +21,12 @@ COPY start-js-executor.sh ${pkg.name}.deb /tmp/ |
| 21 | 21 | RUN chmod a+x /tmp/*.sh \ |
| 22 | 22 | && mv /tmp/start-js-executor.sh /usr/bin |
| 23 | 23 | |
| 24 | -RUN dpkg -i /tmp/${pkg.name}.deb | |
| 24 | +RUN yes | dpkg -i /tmp/${pkg.name}.deb | |
| 25 | 25 | |
| 26 | 26 | RUN update-rc.d ${pkg.name} disable |
| 27 | 27 | |
| 28 | +RUN chmod 555 ${pkg.installFolder}/bin/${pkg.name} | |
| 29 | + | |
| 28 | 30 | USER ${pkg.user} |
| 29 | 31 | |
| 30 | 32 | CMD ["start-js-executor.sh"] | ... | ... |
| ... | ... | @@ -21,12 +21,14 @@ COPY start-tb-node.sh ${pkg.name}.deb /tmp/ |
| 21 | 21 | RUN chmod a+x /tmp/*.sh \ |
| 22 | 22 | && mv /tmp/start-tb-node.sh /usr/bin |
| 23 | 23 | |
| 24 | -RUN dpkg -i /tmp/${pkg.name}.deb | |
| 24 | +RUN yes | dpkg -i /tmp/${pkg.name}.deb | |
| 25 | 25 | |
| 26 | 26 | RUN systemctl --no-reload disable --now ${pkg.name}.service > /dev/null 2>&1 || : |
| 27 | 27 | |
| 28 | 28 | RUN chown -R ${pkg.user}:${pkg.user} /tmp |
| 29 | 29 | |
| 30 | +RUN chmod 555 ${pkg.installFolder}/bin/${pkg.name}.jar | |
| 31 | + | |
| 30 | 32 | USER ${pkg.user} |
| 31 | 33 | |
| 32 | 34 | CMD ["start-tb-node.sh"] | ... | ... |
| ... | ... | @@ -21,10 +21,12 @@ COPY start-tb-coap-transport.sh ${pkg.name}.deb /tmp/ |
| 21 | 21 | RUN chmod a+x /tmp/*.sh \ |
| 22 | 22 | && mv /tmp/start-tb-coap-transport.sh /usr/bin |
| 23 | 23 | |
| 24 | -RUN dpkg -i /tmp/${pkg.name}.deb | |
| 24 | +RUN yes | dpkg -i /tmp/${pkg.name}.deb | |
| 25 | 25 | |
| 26 | 26 | RUN update-rc.d ${pkg.name} disable |
| 27 | 27 | |
| 28 | +RUN chmod 555 ${pkg.installFolder}/bin/${pkg.name}.jar | |
| 29 | + | |
| 28 | 30 | USER ${pkg.user} |
| 29 | 31 | |
| 30 | 32 | CMD ["start-tb-coap-transport.sh"] | ... | ... |
| ... | ... | @@ -21,10 +21,12 @@ COPY start-tb-http-transport.sh ${pkg.name}.deb /tmp/ |
| 21 | 21 | RUN chmod a+x /tmp/*.sh \ |
| 22 | 22 | && mv /tmp/start-tb-http-transport.sh /usr/bin |
| 23 | 23 | |
| 24 | -RUN dpkg -i /tmp/${pkg.name}.deb | |
| 24 | +RUN yes | dpkg -i /tmp/${pkg.name}.deb | |
| 25 | 25 | |
| 26 | 26 | RUN update-rc.d ${pkg.name} disable |
| 27 | 27 | |
| 28 | +RUN chmod 555 ${pkg.installFolder}/bin/${pkg.name}.jar | |
| 29 | + | |
| 28 | 30 | USER ${pkg.user} |
| 29 | 31 | |
| 30 | 32 | CMD ["start-tb-http-transport.sh"] | ... | ... |
| ... | ... | @@ -21,10 +21,12 @@ COPY start-tb-mqtt-transport.sh ${pkg.name}.deb /tmp/ |
| 21 | 21 | RUN chmod a+x /tmp/*.sh \ |
| 22 | 22 | && mv /tmp/start-tb-mqtt-transport.sh /usr/bin |
| 23 | 23 | |
| 24 | -RUN dpkg -i /tmp/${pkg.name}.deb | |
| 24 | +RUN yes | dpkg -i /tmp/${pkg.name}.deb | |
| 25 | 25 | |
| 26 | 26 | RUN update-rc.d ${pkg.name} disable |
| 27 | 27 | |
| 28 | +RUN chmod 555 ${pkg.installFolder}/bin/${pkg.name}.jar | |
| 29 | + | |
| 28 | 30 | USER ${pkg.user} |
| 29 | 31 | |
| 30 | 32 | CMD ["start-tb-mqtt-transport.sh"] | ... | ... |
| ... | ... | @@ -21,10 +21,12 @@ COPY start-web-ui.sh ${pkg.name}.deb /tmp/ |
| 21 | 21 | RUN chmod a+x /tmp/*.sh \ |
| 22 | 22 | && mv /tmp/start-web-ui.sh /usr/bin |
| 23 | 23 | |
| 24 | -RUN dpkg -i /tmp/${pkg.name}.deb | |
| 24 | +RUN yes | dpkg -i /tmp/${pkg.name}.deb | |
| 25 | 25 | |
| 26 | 26 | RUN update-rc.d ${pkg.name} disable |
| 27 | 27 | |
| 28 | +RUN chmod 555 ${pkg.installFolder}/bin/${pkg.name} | |
| 29 | + | |
| 28 | 30 | USER ${pkg.user} |
| 29 | 31 | |
| 30 | 32 | CMD ["start-web-ui.sh"] | ... | ... |