Merge pull request #5263

22136256 Start monerod as non root user (Jean-Michel DILLY)
author: Riccardo Spagni <ric@spagni.net> 2019-03-21 14:49:53 +0200
committer: Riccardo Spagni <ric@spagni.net> 2019-03-21 14:49:53 +0200
commit: 7329a27e1444e34599d3201a339509538314e7e5 (patch)
tree: a5be1218a6febeea81c5b1e0c655b4af5297ebbd
parent: Merge pull request #5259 (diff)
parent: Start monerod as non root user (diff)
download: monero-7329a27e1444e34599d3201a339509538314e7e5.tar.xz
1 files changed, 10 insertions, 1 deletions
diff --git a/Dockerfile b/Dockerfile
index 9fe7cfb8f..d932e0173 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -185,8 +185,14 @@ RUN set -ex && \
     rm -rf /var/lib/apt
 COPY --from=builder /src/build/release/bin /usr/local/bin/
 
+# Create monero user
+RUN adduser --system --group --disabled-password monero && \
+	mkdir -p /wallet /home/monero/.bitmonero && \
+	chown -R monero:monero /home/monero/.bitmonero && \
+	chown -R monero:monero /wallet
+
 # Contains the blockchain
-VOLUME /root/.bitmonero
+VOLUME /home/monero/.bitmonero
 
 # Generate your wallet via accessing the container and run:
 # cd /wallet
@@ -196,5 +202,8 @@ VOLUME /wallet
 EXPOSE 18080
 EXPOSE 18081
 
+# switch to user monero
+USER monero
+
 ENTRYPOINT ["monerod", "--p2p-bind-ip=0.0.0.0", "--p2p-bind-port=18080", "--rpc-bind-ip=0.0.0.0", "--rpc-bind-port=18081", "--non-interactive", "--confirm-external-bind"]
author	Riccardo Spagni <ric@spagni.net>	2019-03-21 14:49:53 +0200
committer	Riccardo Spagni <ric@spagni.net>	2019-03-21 14:49:53 +0200
commit	7329a27e1444e34599d3201a339509538314e7e5 (patch)
tree	a5be1218a6febeea81c5b1e0c655b4af5297ebbd
parent	Merge pull request #5259 (diff)
parent	Start monerod as non root user (diff)
download	monero-7329a27e1444e34599d3201a339509538314e7e5.tar.xz