indifferentketchup/boocode
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v1.10.1: booterm runs shells as samkintop with login bash

Browse Source
This commit is contained in:
indifferentketchup
2026-05-19 13:07:59 +00:00
parent 9250632ac3
commit d04b30687f
3 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
apps/booterm/Dockerfile
View File

@@ -30,7 +30,13 @@ RUN test -f node_modules/node-pty/build/Release/pty.node && echo "pty.node OK" |
# ---- Runtime ----
FROM node:20-alpine AS runtime
RUN apk add --no-cache tmux libstdc++
RUN apk add --no-cache tmux libstdc++ bash su-exec shadow
# v1.10.1: terminal shells inside tmux drop privs to samkintop via su-exec.
# Mirror uid/gid 1000:1000 from the host so the bind-mounted /home/samkintop
# (added in docker-compose) is owned by the user from the container's view.
RUN deluser --remove-home node 2>/dev/null; delgroup node 2>/dev/null; \
addgroup -g 1000 samkintop && \
adduser -D -u 1000 -G samkintop -s /bin/bash samkintop
WORKDIR /app
COPY --from=builder /build/apps/booterm/dist ./dist
COPY --from=proddeps /prod/package.json ./package.json