From 80f922d0c5e840a2fa5a7a4e9272f354f0948889 Mon Sep 17 00:00:00 2001 From: rg2011 <52279456+rg2011@users.noreply.github.com> Date: Mon, 16 Sep 2024 11:52:40 +0200 Subject: [PATCH] Change owner of /opt/keypass files Previous versions of keypass (1.9.0 and below) had all files in `/opt/keypass` belong to UID 1000. This made it possible to run the container with an unprivileged user (1000). Version 1.11.0 dropped the `chown` from the Dockerfile and had all files in /opt/keypass owned by root. Since the `keypass-entrypoint.sh` performs some inline changes with `sed -i` in `/opt/keypass/config.yml`, it has to be run as root. Which breaks some security constraints in openshift. This PR restores ownership of the `/opt/keypass` folder to UID 1000, keeping backward compatibility with the security policy configured for keypass 1.9.0 --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a95218a..7828fd9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -46,7 +46,8 @@ RUN \ apt-get -y remove maven && \ apt-get -y autoremove --purge && \ # Don't need old log files inside docker images - rm -f /var/log/*log + rm -f /var/log/*log && \ + chown -R 1000:1000 /opt/keypass # Define the entry point ENTRYPOINT ["/opt/keypass/keypass-entrypoint.sh"]
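Review bot: The added `chown -R 1000:1000 /opt/keypass` at the end of the RUN chain makes the whole tree writable by the runtime user, including the `keypass-entrypoint.sh` named in the ENTRYPOINT line just below. The commit message identifies only the `sed -i` edit of `/opt/keypass/config.yml` as needing write access. A tighter option is to keep the tree root-owned and give UID 1000 a writable location only for the config the entrypoint rewrites. Because `sed -i` replaces the file through a temporary file in the same directory, that means a writable directory for the config, not just a writable file. Two smaller points. The visible context adds no `USER 1000`, so unless one is set elsewhere in the Dockerfile the image still starts as root by default and depends on the platform to impose the UID. A short comment above the `chown` saying why UID 1000 is hard-coded (compatibility with the security policy used for 1.9.0) would help keep it from being dropped again, as happened in 1.11.0.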