From 2cd23a6047515b594b0ef940751aaf61e575a8f6 Mon Sep 17 00:00:00 2001
From: songtianlun <tianlun.song@foxmail.com>
Date: Thu, 23 Jan 2025 19:53:50 +0800
Subject: [PATCH] fix: update ownership permissions in Dockerfile

- Added 'public' directory to the chown command to ensure the
  proper ownership for runtime files.
- This change enhances the security by ensuring that all
  necessary directories are owned by the designated non-root
  user.

The previous behavior did not account for the 'public'
directory, which could lead to permission issues at runtime.
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index a95cddc..69e505b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -75,7 +75,7 @@ COPY --from=build /rails /rails
 # Run and own only the runtime files as a non-root user for security
 RUN groupadd --system --gid 1000 rails && \
     useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash && \
-    chown -R rails:rails db log storage tmp
+    chown -R rails:rails db log storage tmp public
 USER 1000:1000
 
 # Entrypoint prepares the database.