Run mailman inside the container as a non-root process. (#31)

* Run as mailman user. * Run mailman core process as a less-privileged mailman user. * Add a `docker ps` to travis to know if any container died. * Spit out more debug information in CI. * Install su-exec properly.
2017-05-24 15:26:07 -07:00
parent 72b4abe894
commit 8507eaeed2
3 changed files with 10 additions and 2 deletions
--- a/core/Dockerfile
+++ b/core/Dockerfile
@@ -6,7 +6,7 @@ MAINTAINER Abhilash Raj
 # from the Gitlab.
 RUN apk update \
    && apk add --virtual build-deps gcc python3-dev musl-dev wget \
-	&& apk add postgresql-dev bash \
+	&& apk add postgresql-dev bash su-exec \
    && wget -O mailman.zip https://gitlab.com/mailman/mailman/repository/archive.zip?ref=master  \
 	&& wget -O mailman_hyperkitty.zip https://gitlab.com/mailman/mailman-hyperkitty/repository/archive.zip?ref=master  \
 	&& pip install mailman.zip mailman_hyperkitty.zip psycopg2 \
@@ -24,4 +24,6 @@ ENTRYPOINT ["/opt/run.sh"]

 ENV MAILMAN_CONFIG_FILE /config/mailman.cfg

+RUN adduser -S mailman
+
 CMD ["/usr/local/bin/master"]