Merge pull request #5263

22136256 Start monerod as non root user (Jean-Michel DILLY)
This commit is contained in:
Riccardo Spagni 2019-03-21 14:49:53 +02:00
commit 7329a27e14
No known key found for this signature in database
GPG Key ID: 55432DF31CCD4FCD

View File

@ -185,8 +185,14 @@ RUN set -ex && \
rm -rf /var/lib/apt rm -rf /var/lib/apt
COPY --from=builder /src/build/release/bin /usr/local/bin/ COPY --from=builder /src/build/release/bin /usr/local/bin/
# Create monero user
RUN adduser --system --group --disabled-password monero && \
mkdir -p /wallet /home/monero/.bitmonero && \
chown -R monero:monero /home/monero/.bitmonero && \
chown -R monero:monero /wallet
# Contains the blockchain # Contains the blockchain
VOLUME /root/.bitmonero VOLUME /home/monero/.bitmonero
# Generate your wallet via accessing the container and run: # Generate your wallet via accessing the container and run:
# cd /wallet # cd /wallet
@ -196,5 +202,8 @@ VOLUME /wallet
EXPOSE 18080 EXPOSE 18080
EXPOSE 18081 EXPOSE 18081
# switch to user monero
USER monero
ENTRYPOINT ["monerod", "--p2p-bind-ip=0.0.0.0", "--p2p-bind-port=18080", "--rpc-bind-ip=0.0.0.0", "--rpc-bind-port=18081", "--non-interactive", "--confirm-external-bind"] ENTRYPOINT ["monerod", "--p2p-bind-ip=0.0.0.0", "--p2p-bind-port=18080", "--rpc-bind-ip=0.0.0.0", "--rpc-bind-port=18081", "--non-interactive", "--confirm-external-bind"]