Keep /var/www/html/ and identities owned by root, so nobody else can write
diff --git a/simpleid/Dockerfile.entrypoint b/simpleid/Dockerfile.entrypoint
index fd85408..6678240 100644
--- a/simpleid/Dockerfile.entrypoint
+++ b/simpleid/Dockerfile.entrypoint
@@ -23,10 +23,11 @@
chown -R www-data:www-data /var/cache/simpleid/
chown -R www-data:www-data /var/lib/simpleid/
-chown -R www-data:www-data /var/db/simpleid/
-chown -R www-data:www-data /var/www/html/
chown -R www-data:www-data /var/log/
+chown -R root:root /var/db/simpleid/
+chown -R root:root /var/www/html/
+
chmod -R a-w /var/db/simpleid/ /var/www/html/
exec docker-php-entrypoint php-fpm "$@"
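Review bot: After `chown -R root:root /var/db/simpleid/`, the php-fpm workers (presumably running as www-data) can reach the identity files only through the "other" permission bits, and the `chmod -R a-w` that follows neither guarantees nor limits read access. Identity files mounted with a mode such as 0600 would become unreadable to the application, while 0644 leaves them readable by every account in the container. Consider making the read path explicit with `chown -R root:www-data /var/db/simpleid/` and `chmod -R u=rX,g=rX,o= /var/db/simpleid/`, keeping `chmod -R a-w` for /var/www/html/. The start of the script is outside the hunk, so it is not visible here whether a failed chown (for example on a read-only mount) aborts the entrypoint or is silently ignored.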