diff options
author | Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org> | 2018-06-05 13:04:48 +0000 |
---|---|---|
committer | Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org> | 2018-06-05 13:04:48 +0000 |
commit | 5f4811ff114af8cf612efd897103401dc1b0f2a8 (patch) | |
tree | df08e66e5c9b84737f679842673603a70352e26c /xenial-arm64-tcwg-base | |
parent | 056673649d1fbcf1af617f52b344428b5a84cdf5 (diff) |
tcwg-host: Restrict access to /home/$USER/.ssh directories of users.
Change-Id: Iee82239f4280a908e019f9cf15337f9ee87fa572
Diffstat (limited to 'xenial-arm64-tcwg-base')
-rw-r--r-- | xenial-arm64-tcwg-base/xenial-arm64-tcwg-host/Dockerfile | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/xenial-arm64-tcwg-base/xenial-arm64-tcwg-host/Dockerfile b/xenial-arm64-tcwg-base/xenial-arm64-tcwg-host/Dockerfile index 0391db84..e61d551d 100644 --- a/xenial-arm64-tcwg-base/xenial-arm64-tcwg-host/Dockerfile +++ b/xenial-arm64-tcwg-base/xenial-arm64-tcwg-host/Dockerfile @@ -4,13 +4,14 @@ FROM linaro/ci-arm64-tcwg-base-ubuntu:xenial COPY passwd start.sh / COPY home-data/ /home-data/ -RUN new-user.sh --group tcwg-infra:9000 && new-user.sh --group primary:10000 \ +RUN new-user.sh --group tcwg-infra:9000 && new-user.sh --group tcwg-users:10000 \ && while read line; do \ new-user.sh --passwd "$line"; \ user=$(echo "$line" | cut -d: -f 1); \ gid=$(echo "$line" | cut -d: -f 4); \ chown -R $user:$gid /home-data/$user/; \ + chmod -R go-rwx /home-data/$user/.ssh/ ; \ rsync -a /home-data/$user/ /home/$user/; \ done </passwd \ && rm -rf /passwd /home-data/ -# checksum: 7658e1f838c8001576f15673556acfe0 +# checksum: 607e7624947eebdea7ed39103e650c61 |