Skip to content

Commit c19e8e1

Browse files
yosifkityosifkit
authored
Merge pull request #142 from infosiftr/aribtrary-user-again
Adjust permissions further for arbitrary user even in the face of plugins with Gemfiles
2 parents a881541 + 3aa2069 commit c19e8e1

File tree

3 files changed

+15
-12
lines changed

3 files changed

+15
-12
lines changed

3.3/Dockerfile

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -122,18 +122,19 @@ RUN set -eux; \
122122
rm freetds.tar.bz2; \
123123
( cd freetds && gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" && ./configure --build="$gnuArch" --enable-silent-rules && make -j "$(nproc)" && make -C src install && make -C include install ); \
124124
rm -rf freetds; \
125-
bundle config build.tiny_tds --enable-system-freetds; \
125+
gosu redmine bundle config build.tiny_tds --enable-system-freetds; \
126126
\
127-
bundle install --without development test; \
127+
gosu redmine bundle install --without development test; \
128128
for adapter in mysql2 postgresql sqlserver sqlite3; do \
129129
echo "$RAILS_ENV:" > ./config/database.yml; \
130130
echo " adapter: $adapter" >> ./config/database.yml; \
131-
bundle install --without development test; \
131+
gosu redmine bundle install --without development test; \
132132
cp Gemfile.lock "Gemfile.lock.${adapter}"; \
133133
done; \
134134
rm ./config/database.yml; \
135135
# fix permissions for running as an arbitrary user
136-
chmod ugo=rwX Gemfile.lock; \
136+
chmod -R ugo=rwX Gemfile.lock "$GEM_HOME"; \
137+
rm -rf ~redmine/.bundle; \
137138
\
138139
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
139140
apt-mark auto '.*' > /dev/null; \

3.4/Dockerfile

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -122,18 +122,19 @@ RUN set -eux; \
122122
rm freetds.tar.bz2; \
123123
( cd freetds && gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" && ./configure --build="$gnuArch" --enable-silent-rules && make -j "$(nproc)" && make -C src install && make -C include install ); \
124124
rm -rf freetds; \
125-
bundle config build.tiny_tds --enable-system-freetds; \
125+
gosu redmine bundle config build.tiny_tds --enable-system-freetds; \
126126
\
127-
bundle install --without development test; \
127+
gosu redmine bundle install --without development test; \
128128
for adapter in mysql2 postgresql sqlserver sqlite3; do \
129129
echo "$RAILS_ENV:" > ./config/database.yml; \
130130
echo " adapter: $adapter" >> ./config/database.yml; \
131-
bundle install --without development test; \
131+
gosu redmine bundle install --without development test; \
132132
cp Gemfile.lock "Gemfile.lock.${adapter}"; \
133133
done; \
134134
rm ./config/database.yml; \
135135
# fix permissions for running as an arbitrary user
136-
chmod ugo=rwX Gemfile.lock; \
136+
chmod -R ugo=rwX Gemfile.lock "$GEM_HOME"; \
137+
rm -rf ~redmine/.bundle; \
137138
\
138139
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
139140
apt-mark auto '.*' > /dev/null; \

Dockerfile.template

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -122,18 +122,19 @@ RUN set -eux; \
122122
rm freetds.tar.bz2; \
123123
( cd freetds && gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" && ./configure --build="$gnuArch" --enable-silent-rules && make -j "$(nproc)" && make -C src install && make -C include install ); \
124124
rm -rf freetds; \
125-
bundle config build.tiny_tds --enable-system-freetds; \
125+
gosu redmine bundle config build.tiny_tds --enable-system-freetds; \
126126
\
127-
bundle install --without development test; \
127+
gosu redmine bundle install --without development test; \
128128
for adapter in mysql2 postgresql sqlserver sqlite3; do \
129129
echo "$RAILS_ENV:" > ./config/database.yml; \
130130
echo " adapter: $adapter" >> ./config/database.yml; \
131-
bundle install --without development test; \
131+
gosu redmine bundle install --without development test; \
132132
cp Gemfile.lock "Gemfile.lock.${adapter}"; \
133133
done; \
134134
rm ./config/database.yml; \
135135
# fix permissions for running as an arbitrary user
136-
chmod ugo=rwX Gemfile.lock; \
136+
chmod -R ugo=rwX Gemfile.lock "$GEM_HOME"; \
137+
rm -rf ~redmine/.bundle; \
137138
\
138139
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
139140
apt-mark auto '.*' > /dev/null; \

0 commit comments

Comments
 (0)