From 1d109e510629491f80755f023c61c10d7a894964 Mon Sep 17 00:00:00 2001
From: Roelf Wichertjes
Date: Tue, 22 Mar 2022 15:37:43 +0100
Subject: [PATCH] Change to nobody user.

---
 Dockerfile | 19 +++++++------------
 entrypoint.sh | 3 +--
 2 files changed, 8 insertions(+), 14 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index b0540cf..9b4028d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,20 +5,15 @@ ENV TINI_VERSION v0.19.0
 ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
 RUN chmod +x /tini
 
-# Add user
-RUN groupadd -g 1337 ab
-RUN groupadd -r psudo
-RUN useradd -rm -d /home/ab -s /bin/bash -g ab -G psudo -u 1337 ab
-
 # Create data mount
 RUN mkdir -p /data
-RUN chown ab:ab /data
+RUN chown nobody:nogroup /data
 
-# Switch user
-USER ab
-WORKDIR /home/ab
+COPY mover.sh /mover.sh
+COPY entrypoint.sh /entrypoint.sh
 
-COPY mover.sh /home/ab/mover.sh
-COPY entrypoint.sh /home/ab/entrypoint.sh
+# Switch user
+USER nobody
+WORKDIR /tmp
 
-ENTRYPOINT [ "/tini", "--", "/home/ab/entrypoint.sh" ]
+ENTRYPOINT [ "/tini", "--", "/entrypoint.sh" ]
diff --git a/entrypoint.sh b/entrypoint.sh
index 0b190b8..45113e1 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -5,7 +5,6 @@ set -exuo pipefail
 trap "trap - SIGTERM && kill -- -$$" SIGINT SIGTERM EXIT
 
 export SHARED_WARCS_DIR="${SHARED_WARCS_DIR:-/data/}"
-
 export INCOMING="${INCOMING:-${SHARED_WARCS_DIR}/incoming/}"
 export UPLOAD_QUEUE="${UPLOAD_QUEUE:-${SHARED_WARCS_DIR}/upload-queue/}"
 
@@ -14,7 +13,7 @@ mkdir -pv "${UPLOAD_QUEUE}"
 
 case "$1" in
 "mover")
- ./mover.sh
+ /mover.sh
 ;;
 esac
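Review bot: In the Dockerfile hunk, `USER nobody` together with `RUN chown nobody:nogroup /data` runs the service and owns its data mount as the shared overflow account instead of an identity dedicated to this container. Anything else that maps to that UID (other containers running as `nobody`, squashed NFS access, unmapped IDs) gets the same rights on the `/data` volume, and a by-name `USER` cannot be verified by runtimes that enforce a non-root policy on the numeric UID. I would keep a dedicated unprivileged UID, without the login shell and extra group the removed lines had, and reference it numerically, e.g. `USER 1337:1337` with a matching `RUN chown 1337:1337 /data`. The `nogroup` name also depends on the base image, whose `FROM` line is above this hunk. Separately, the unchanged `ADD` of tini in the context lines still downloads a release binary with no `--checksum`, so the file that becomes PID 1 is not integrity-checked at build time.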