Fix sudoers file permissions

4f0baebf · Dan Thomson · f24ca312 · 4f0baebf · 4f0baebf · 4f0baebf
Commit 4f0baebf authored Sep 16, 2020 by Dan Thomson
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 5 deletions

Dockerfile.centos7 Dockerfile.centos7 +4 -3

Dockerfile.centos8 Dockerfile.centos8 +1 -1

Dockerfile.debian10 Dockerfile.debian10 +1 -1

No files found.
--- a/Dockerfile.centos7
+++ b/Dockerfile.centos7
@@ -35,9 +35,10 @@ RUN sed -i '/^ip_resolve=/{h;s/=.*/=4/};${x;/^$/{s//ip_resolve=4/;H};x}' /etc/yu
 	rm -f /tmp/requirements.txt && \
 	yum -y clean all

-COPY /entrypoint.sh /entrypoint.sh
-COPY /sudoers /etc/sudoers.d/ansible
-RUN chmod 755 /entrypoint.sh
+COPY entrypoint.sh /entrypoint.sh
+COPY sudoers /etc/sudoers.d/ansible
+
+RUN chmod 755 /entrypoint.sh && chmod 600 /etc/sudoers.d/ansible

 RUN groupadd --gid $GID ansible && \
 	adduser --home /home/ansible --shell /bin/bash --gid $GID --uid $UID ansible

--- a/Dockerfile.centos8
+++ b/Dockerfile.centos8
@@ -35,7 +35,7 @@ RUN sed -i '/^ip_resolve=/{h;s/=.*/=4/};${x;/^$/{s//ip_resolve=4/;H};x}' /etc/yu

 COPY entrypoint.sh /entrypoint.sh
 COPY sudoers /etc/sudoers.d/ansible
-RUN chmod 755 /entrypoint.sh
+RUN chmod 755 /entrypoint.sh && chmod 600 /etc/sudoers.d/ansible

 RUN groupadd --gid $GID ansible && \
 	adduser --home /home/ansible --shell /bin/bash --gid $GID --uid $UID ansible

--- a/Dockerfile.debian10
+++ b/Dockerfile.debian10
@@ -40,7 +40,7 @@ RUN apt-get -y update && \

 COPY entrypoint.sh /entrypoint.sh
 COPY sudoers /etc/sudoers.d/ansible
-RUN chmod 755 /entrypoint.sh
+RUN chmod 755 /entrypoint.sh && chmod 600 /etc/sudoers.d/ansible

 RUN addgroup --gid $GID ansible && \
 	adduser --home /home/ansible --shell /bin/bash --disabled-password --gecos '' --gid $GID --uid $UID ansible