search

peter-evans / nominatim-docker

Docker image for Nominatim
https://hub.docker.com/r/peterevans/nominatim/
MIT License
30 stars 16 forks source link

Run nominatim with non root user #6

Open MAMABA opened 6 years ago

MAMABA commented 6 years ago

Hello,

Following my email, I open an issue to track this feature.

Regards

peter-evans commented 6 years ago

I did a bit of research to try and find out the best way to do this and it is still not very clear to me yet. Here are a couple of resources and snippets of code I found that might work. The problem is that I don't have an Openshift environment to test them in and it would take me some time to set that up. Maybe you could also check out some of the methods below and let me know if you figure out a solution for this Docker image.

Some resources and code snippets I found in no particular order: https://gist.github.com/alkrauss48/2dd9f9d84ed6ebff9240ccfa49a80662 https://www.yegor256.com/2014/08/29/docker-non-root.html

FROM openjdk:8-jdk
RUN useradd --create-home -s /bin/bash user
WORKDIR /home/user
USER user
RUN adduser --disabled-password --gecos '' r && adduser r sudo && echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
USER r
CMD ["/home/r/script.sh"]