GUACAMOLE-1110: Merge support for running the "guacd" Docker image as a specific service user.

This commit is contained in:
Mike Jumper 2020-07-02 22:34:35 -07:00 committed by GitHub
commit f0dee00d33
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -90,6 +90,7 @@ ENV LD_LIBRARY_PATH=${PREFIX_DIR}/lib
ENV GUACD_LOG_LEVEL=info
ARG RUNTIME_DEPENDENCIES=" \
netcat-openbsd \
ca-certificates \
ghostscript \
fonts-liberation \
@ -101,14 +102,24 @@ COPY --from=builder ${PREFIX_DIR} ${PREFIX_DIR}
# Bring runtime environment up to date and install runtime dependencies
RUN apt-get update && \
apt-get install -y $RUNTIME_DEPENDENCIES && \
apt-get install -y $(cat "${PREFIX_DIR}"/DEPENDENCIES) && \
apt-get install -y --no-install-recommends $RUNTIME_DEPENDENCIES && \
apt-get install -y --no-install-recommends $(cat "${PREFIX_DIR}"/DEPENDENCIES) && \
rm -rf /var/lib/apt/lists/*
# Link FreeRDP plugins into proper path
RUN ${PREFIX_DIR}/bin/link-freerdp-plugins.sh \
${PREFIX_DIR}/lib/freerdp2/libguac*.so
# Checks the operating status every 5 minutes with a timeout of 5 seconds
HEALTHCHECK --interval=5m --timeout=5s CMD nc -z 127.0.0.1 4822 || exit 1
# Create a new user guacd
ARG UID=1000
RUN useradd --system --create-home --shell /usr/sbin/nologin --uid $UID --no-user-group guacd
# Run with user guacd
USER guacd
# Expose the default listener port
EXPOSE 4822