Skip to content

Commit

Permalink
Change owner of /opt/keypass files
Browse files Browse the repository at this point in the history 
Previous versions of keypass (1.9.0 and below) had all files in `/opt/keypass` belong to UID 1000. This made it possible to run the container with an unprivileged user (1000).

Version 1.11.0 dropped the `chown` from the Dockerfile and had all files in /opt/keypass owned by root.

Since the `keypass-entrypoint.sh` performs some inline changes with `sed -i` in `/opt/keypass/config.yml`, it has to be run as root. Which breaks some security constraints in openshift.

This PR restores ownership of the `/opt/keypass` folder to UID 1000, keeping backward compatibility with the security policy configured for keypass 1.9.0
  • Loading branch information
@rg2011
rg2011 authored Sep 16, 2024
1 parent 8080417 commit 80f922d
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,8 @@ RUN \
apt-get -y remove maven && \
apt-get -y autoremove --purge && \
# Don't need old log files inside docker images
rm -f /var/log/*log
rm -f /var/log/*log && \
chown -R 1000:1000 /opt/keypass

# Define the entry point
ENTRYPOINT ["/opt/keypass/keypass-entrypoint.sh"]
Expand Down

0 comments on commit 80f922d

Please sign in to comment.