fix: update ownership permissions in Dockerfile

- Added the 'public' directory to the chown command to ensure
  proper ownership of runtime files.
- This change enhances security by ensuring that all
  necessary directories are owned by the designated non-root
  user.

The previous behavior did not account for the 'public'
directory, which could lead to permission issues at runtime.
songtianlun 2025-01-23 19:53:50 +08:00
parent 80a75d3fbb
commit 2cd23a6047


@ -75,7 +75,7 @@ COPY --from=build /rails /rails
# Run and own only the runtime files as a non-root user for security # Run and own only the runtime files as a non-root user for security
RUN groupadd --system --gid 1000 rails && \ RUN groupadd --system --gid 1000 rails && \
useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash && \ useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash && \
chown -R rails:rails db log storage tmp chown -R rails:rails db log storage tmp public
USER 1000:1000 USER 1000:1000
# Entrypoint prepares the database. # Entrypoint prepares the database.
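Review bot: Adding `public` to the recursive `chown` on the changed line makes every file under `public` writable by uid 1000, the user the container runs as, so a compromised application process could rewrite content served from that directory. That widens the writable surface rather than tightening it, and the comment at the top of the hunk still says only the runtime files are owned. The page does not show what writes to `public` at runtime; if it is a single subdirectory, scope the ownership to it, e.g. `chown -R rails:rails db log storage tmp public/<writable-subdir>`, and leave the rest root-owned. If the whole tree really must be writable, record the reason next to the command, e.g. `# public is owned by rails because <reason>`, so the exception to "own only the runtime files" is visible to the next reviewer.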