|
|
@@ -33,7 +33,7 @@ RUN apt-get clean && apt-get update && apt-get dist-upgrade -y && apt-get instal
|
|
|
usermod -a -G adm,audio,cdrom,dialout,dip,fax,floppy,games,input,lp,plugdev,render,ssl-cert,sudo,tape,tty,video,voice ubuntu && \
|
|
|
echo "ubuntu ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers && \
|
|
|
echo "ubuntu:${PASSWD}" | chpasswd && \
|
|
|
- chown -R -f --no-preserve-root ubuntu:ubuntu / || echo 'Failed to set filesystem ownership in some paths to ubuntu user'
|
|
|
+ chown -R -f -h --no-preserve-root ubuntu:ubuntu / || echo 'Failed to set filesystem ownership in some paths to ubuntu user'
|
|
|
|
|
|
# Set locales
|
|
|
ENV LANG="en_US.UTF-8"
|
|
|
@@ -475,7 +475,7 @@ RUN if [ "$(dpkg --print-architecture)" = "amd64" ]; then \
|
|
|
curl -o heroic_launcher.deb -fsSL "https://github.com/Heroic-Games-Launcher/HeroicGamesLauncher/releases/download/v${HEROIC_VERSION}/heroic_${HEROIC_VERSION}_$(dpkg --print-architecture).deb" && apt-get install --no-install-recommends -y ./heroic_launcher.deb && rm -f heroic_launcher.deb && \
|
|
|
apt-get clean && rm -rf /var/lib/apt/lists/* /var/cache/debconf/* /var/log/* /tmp/* /var/tmp/* && \
|
|
|
curl -o /usr/bin/winetricks -fsSL "https://raw.githubusercontent.com/Winetricks/winetricks/master/src/winetricks" && \
|
|
|
- chmod 755 /usr/bin/winetricks && \
|
|
|
+ chmod -f 755 /usr/bin/winetricks && \
|
|
|
curl -o /usr/share/bash-completion/completions/winetricks -fsSL "https://raw.githubusercontent.com/Winetricks/winetricks/master/src/winetricks.bash-completion"; fi
|
|
|
|
|
|
# Install latest Selkies-GStreamer (https://github.com/selkies-project/selkies-gstreamer) build, Python application, and web application, should be consistent with Selkies-GStreamer documentation
|
|
|
@@ -563,13 +563,13 @@ ENV LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+${LD_LIBRARY_PATH}:}/usr/lib/rustdesk/li
|
|
|
|
|
|
# Copy scripts and configurations used to start the container with `--chown=1000:1000`
|
|
|
COPY --chown=1000:1000 entrypoint.sh /etc/entrypoint.sh
|
|
|
-RUN chmod 755 /etc/entrypoint.sh
|
|
|
+RUN chmod -f 755 /etc/entrypoint.sh
|
|
|
COPY --chown=1000:1000 selkies-gstreamer-entrypoint.sh /etc/selkies-gstreamer-entrypoint.sh
|
|
|
-RUN chmod 755 /etc/selkies-gstreamer-entrypoint.sh
|
|
|
+RUN chmod -f 755 /etc/selkies-gstreamer-entrypoint.sh
|
|
|
COPY --chown=1000:1000 kasmvnc-entrypoint.sh /etc/kasmvnc-entrypoint.sh
|
|
|
-RUN chmod 755 /etc/kasmvnc-entrypoint.sh
|
|
|
+RUN chmod -f 755 /etc/kasmvnc-entrypoint.sh
|
|
|
COPY --chown=1000:1000 supervisord.conf /etc/supervisord.conf
|
|
|
-RUN chmod 755 /etc/supervisord.conf
|
|
|
+RUN chmod -f 755 /etc/supervisord.conf
|
|
|
|
|
|
# Configure coTURN script
|
|
|
RUN echo "#!/bin/bash\n\
|
|
|
@@ -590,14 +590,14 @@ turnserver \
|
|
|
--cli-password=\"\${TURN_RANDOM_PASSWORD:-\$(tr -dc 'A-Za-z0-9' < /dev/urandom 2>/dev/null | head -c 24)}\" \
|
|
|
--allow-loopback-peers \
|
|
|
\${TURN_EXTRA_ARGS} \$@\
|
|
|
-" > /etc/start-turnserver.sh && chmod 755 /etc/start-turnserver.sh
|
|
|
+" > /etc/start-turnserver.sh && chmod -f 755 /etc/start-turnserver.sh
|
|
|
|
|
|
SHELL ["/bin/sh", "-c"]
|
|
|
|
|
|
USER 0
|
|
|
# Enable sudo through sudo-root with uid 0
|
|
|
RUN if [ -d /usr/libexec/sudo ]; then SUDO_LIB="/usr/libexec/sudo"; else SUDO_LIB="/usr/lib/sudo"; fi && \
|
|
|
- chown -R -f --no-preserve-root root:root /usr/bin/sudo-root /etc/sudo.conf /etc/sudoers /etc/sudoers.d /etc/sudo_logsrvd.conf "${SUDO_LIB}" || echo 'Failed to provide root permissions in some paths relevant to sudo' && \
|
|
|
+ chown -R -f -h --no-preserve-root root:root /usr/bin/sudo-root /etc/sudo.conf /etc/sudoers /etc/sudoers.d /etc/sudo_logsrvd.conf "${SUDO_LIB}" || echo 'Failed to provide root permissions in some paths relevant to sudo' && \
|
|
|
chmod -f 4755 /usr/bin/sudo-root || echo 'Failed to set chmod with sudo-root'
|
|
|
USER 1000
|
|
|
|
Seungmin Kim