Start monerod as non root user

author: Jean-Michel DILLY <jm@dilly.me> 2019-03-09 23:22:03 +0100
committer: Jean-Michel DILLY <jm@dilly.me> 2019-03-09 23:22:03 +0100
commit: 22136256a4178e4121db29baee8d809af013a25b (patch)
tree: eaf6afcf707b4594a6e23d94407e6a07628e6e93 /Dockerfile
parent: Merge pull request #5232 (diff)
download: monero-22136256a4178e4121db29baee8d809af013a25b.tar.xz
1 files changed, 10 insertions, 1 deletions
diff --git a/Dockerfile b/Dockerfile
index 9fe7cfb8f..d932e0173 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -185,8 +185,14 @@ RUN set -ex && \
     rm -rf /var/lib/apt
 COPY --from=builder /src/build/release/bin /usr/local/bin/
 
+# Create monero user
+RUN adduser --system --group --disabled-password monero && \
+	mkdir -p /wallet /home/monero/.bitmonero && \
+	chown -R monero:monero /home/monero/.bitmonero && \
+	chown -R monero:monero /wallet
+
 # Contains the blockchain
-VOLUME /root/.bitmonero
+VOLUME /home/monero/.bitmonero
 
 # Generate your wallet via accessing the container and run:
 # cd /wallet
@@ -196,5 +202,8 @@ VOLUME /wallet
 EXPOSE 18080
 EXPOSE 18081
 
+# switch to user monero
+USER monero
+
 ENTRYPOINT ["monerod", "--p2p-bind-ip=0.0.0.0", "--p2p-bind-port=18080", "--rpc-bind-ip=0.0.0.0", "--rpc-bind-port=18081", "--non-interactive", "--confirm-external-bind"]
author	Jean-Michel DILLY <jm@dilly.me>	2019-03-09 23:22:03 +0100
committer	Jean-Michel DILLY <jm@dilly.me>	2019-03-09 23:22:03 +0100
commit	22136256a4178e4121db29baee8d809af013a25b (patch)
tree	eaf6afcf707b4594a6e23d94407e6a07628e6e93 /Dockerfile
parent	Merge pull request #5232 (diff)
download	monero-22136256a4178e4121db29baee8d809af013a25b.tar.xz