From df6ca40a827443367a3b5c6a6ab2e5c68f88557c Mon Sep 17 00:00:00 2001 From: Michael Mayer Date: Mon, 18 Apr 2022 19:12:26 +0200 Subject: [PATCH] Docker: Add matching groups for default users #2262 --- docker/develop/armv7/Dockerfile | 5 ----- docker/develop/bullseye-slim/Dockerfile | 5 ----- docker/develop/bullseye/Dockerfile | 5 ----- docker/develop/buster/Dockerfile | 5 ----- docker/develop/impish/Dockerfile | 5 ----- docker/develop/jammy/Dockerfile | 5 ----- docker/photoprism/armv7/Dockerfile | 18 ++++++++++-------- docker/photoprism/buster/Dockerfile | 16 ++++++++-------- docker/photoprism/impish/Dockerfile | 16 ++++++++-------- docker/photoprism/jammy/Dockerfile | 16 ++++++++-------- scripts/dist/create-users.sh | 22 +++++++++++++++++----- 11 files changed, 51 insertions(+), 67 deletions(-) diff --git a/docker/develop/armv7/Dockerfile b/docker/develop/armv7/Dockerfile index b29fef3d1..7b8658744 100644 --- a/docker/develop/armv7/Dockerfile +++ b/docker/develop/armv7/Dockerfile @@ -41,11 +41,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \ echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \ echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \ - groupadd -f -r -g 44 video && \ - groupadd -f -r -g 109 render && \ - groupadd -f -g 1000 photoprism && \ - useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \ - chmod 777 /photoprism && \ apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \ apt-utils \ gpg \ diff --git a/docker/develop/bullseye-slim/Dockerfile b/docker/develop/bullseye-slim/Dockerfile index 6a7ab7f5d..6bee81605 100644 --- a/docker/develop/bullseye-slim/Dockerfile +++ b/docker/develop/bullseye-slim/Dockerfile @@ -35,11 +35,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \ echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \ echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \ - groupadd -f -r -g 44 video && \ - groupadd -f -r -g 109 render && \ - groupadd -f -g 1000 photoprism && \ - useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \ - chmod 777 /photoprism && \ apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \ ca-certificates \ jq \ diff --git a/docker/develop/bullseye/Dockerfile b/docker/develop/bullseye/Dockerfile index c0cb0634e..29b55ae62 100644 --- a/docker/develop/bullseye/Dockerfile +++ b/docker/develop/bullseye/Dockerfile @@ -41,11 +41,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \ echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \ echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \ - groupadd -f -r -g 44 video && \ - groupadd -f -r -g 109 render && \ - groupadd -f -g 1000 photoprism && \ - useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \ - chmod 777 /photoprism && \ apt-get update && apt-get -qq dist-upgrade && \ apt-get -qq install \ apt-utils \ diff --git a/docker/develop/buster/Dockerfile b/docker/develop/buster/Dockerfile index 4c89a97ac..4277880ad 100644 --- a/docker/develop/buster/Dockerfile +++ b/docker/develop/buster/Dockerfile @@ -41,11 +41,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \ echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \ echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \ - groupadd -f -r -g 44 video && \ - groupadd -f -r -g 109 render && \ - groupadd -f -g 1000 photoprism && \ - useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \ - chmod 777 /photoprism && \ apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \ apt-utils \ gpg \ diff --git a/docker/develop/impish/Dockerfile b/docker/develop/impish/Dockerfile index cab6acad7..49e8160d6 100644 --- a/docker/develop/impish/Dockerfile +++ b/docker/develop/impish/Dockerfile @@ -40,11 +40,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \ echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \ echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \ - groupadd -f -r -g 44 video && \ - groupadd -f -r -g 109 render && \ - groupadd -f -g 1000 photoprism && \ - useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \ - chmod 777 /photoprism && \ apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \ apt-utils \ gpg \ diff --git a/docker/develop/jammy/Dockerfile b/docker/develop/jammy/Dockerfile index 94f506781..4ff929adc 100644 --- a/docker/develop/jammy/Dockerfile +++ b/docker/develop/jammy/Dockerfile @@ -40,11 +40,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ echo 'APT::Install-Suggests "false";' > /etc/apt/apt.conf.d/80suggests && \ echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/80forceyes && \ echo 'APT::Get::Fix-Missing "true";' > /etc/apt/apt.conf.d/80fixmissing && \ - groupadd -f -r -g 44 video && \ - groupadd -f -r -g 109 render && \ - groupadd -f -g 1000 photoprism && \ - useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \ - chmod 777 /photoprism && \ apt-get update && apt-get -qq dist-upgrade && \ apt-get -qq install \ apt-utils \ diff --git a/docker/photoprism/armv7/Dockerfile b/docker/photoprism/armv7/Dockerfile index 62e056132..6bf6980bc 100644 --- a/docker/photoprism/armv7/Dockerfile +++ b/docker/photoprism/armv7/Dockerfile @@ -90,9 +90,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ mv /opt/photoprism/sbin/gosu /usr/local/sbin/gosu && \ chown root:root /usr/local/sbin/gosu && \ chmod 755 /usr/local/sbin/gosu && \ - groupadd -f -r -g 44 video && groupadd -f -r -g 109 render && groupadd -f -g 1000 photoprism && \ - useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \ - chmod 777 /photoprism && \ apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \ libc6 ca-certificates sudo bash tzdata \ gpg zip unzip wget curl rsync make nano \ @@ -101,6 +98,14 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ ffmpeg ffmpegthumbnailer libavcodec-extra libwebm1 \ libmatroska7 libdvdread8 libebml5 libgav1-0 libatomic1 \ libx264-163 libx265-199 && \ + && \ + echo 'alias ll="ls -alh"' >> /etc/skel/.bashrc && \ + echo 'export PS1="\u@$DOCKER_TAG:\w\$ "' >> /etc/skel/.bashrc && \ + echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \ + cp /etc/skel/.bashrc /root/.bashrc && \ + /scripts/create-users.sh && \ + /scripts/cleanup.sh && \ + cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \ install -d -m 0777 -o 1000 -g 1000 \ /var/lib/photoprism \ /tmp/photoprism \ @@ -111,11 +116,8 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ /photoprism/storage/albums \ /photoprism/storage/backups \ /photoprism/storage/config \ - /photoprism/storage/cache \ - && \ - echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \ - cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \ - /scripts/cleanup.sh + /photoprism/storage/cache + # define default directory and user WORKDIR /photoprism diff --git a/docker/photoprism/buster/Dockerfile b/docker/photoprism/buster/Dockerfile index f18e4a267..49793c128 100644 --- a/docker/photoprism/buster/Dockerfile +++ b/docker/photoprism/buster/Dockerfile @@ -90,9 +90,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ mv /opt/photoprism/sbin/gosu /usr/local/sbin/gosu && \ chown root:root /usr/local/sbin/gosu && \ chmod 755 /usr/local/sbin/gosu && \ - groupadd -f -r -g 44 video && groupadd -f -r -g 109 render && groupadd -f -g 1000 photoprism && \ - useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \ - chmod 777 /photoprism && \ apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \ ca-certificates \ jq \ @@ -117,6 +114,13 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ libavcodec-extra \ && \ /scripts/install-darktable.sh && \ + echo 'alias ll="ls -alh"' >> /etc/skel/.bashrc && \ + echo 'export PS1="\u@$DOCKER_TAG:\w\$ "' >> /etc/skel/.bashrc && \ + echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \ + cp /etc/skel/.bashrc /root/.bashrc && \ + /scripts/create-users.sh && \ + /scripts/cleanup.sh && \ + cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \ install -d -m 0777 -o 1000 -g 1000 \ /var/lib/photoprism \ /tmp/photoprism \ @@ -127,11 +131,7 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ /photoprism/storage/albums \ /photoprism/storage/backups \ /photoprism/storage/config \ - /photoprism/storage/cache \ - && \ - echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \ - cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \ - /scripts/cleanup.sh + /photoprism/storage/cache # define default directory and user WORKDIR /photoprism diff --git a/docker/photoprism/impish/Dockerfile b/docker/photoprism/impish/Dockerfile index 431aaffa2..87b6fdc72 100644 --- a/docker/photoprism/impish/Dockerfile +++ b/docker/photoprism/impish/Dockerfile @@ -89,9 +89,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ mv /opt/photoprism/sbin/gosu /usr/local/sbin/gosu && \ chown root:root /usr/local/sbin/gosu && \ chmod 755 /usr/local/sbin/gosu && \ - groupadd -f -r -g 44 video && groupadd -f -r -g 109 render && groupadd -f -g 1000 photoprism && \ - useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \ - chmod 777 /photoprism && \ apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \ ca-certificates \ jq \ @@ -116,6 +113,13 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ libavcodec-extra \ && \ /scripts/install-darktable.sh && \ + echo 'alias ll="ls -alh"' >> /etc/skel/.bashrc && \ + echo 'export PS1="\u@$DOCKER_TAG:\w\$ "' >> /etc/skel/.bashrc && \ + echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \ + cp /etc/skel/.bashrc /root/.bashrc && \ + /scripts/create-users.sh && \ + /scripts/cleanup.sh && \ + cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \ install -d -m 0777 -o 1000 -g 1000 \ /var/lib/photoprism \ /tmp/photoprism \ @@ -126,11 +130,7 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ /photoprism/storage/albums \ /photoprism/storage/backups \ /photoprism/storage/config \ - /photoprism/storage/cache \ - && \ - echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \ - cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \ - /scripts/cleanup.sh + /photoprism/storage/cache # define default directory and user WORKDIR /photoprism diff --git a/docker/photoprism/jammy/Dockerfile b/docker/photoprism/jammy/Dockerfile index 9e41d4d22..e7c781768 100644 --- a/docker/photoprism/jammy/Dockerfile +++ b/docker/photoprism/jammy/Dockerfile @@ -89,9 +89,6 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ mv /opt/photoprism/sbin/gosu /usr/local/sbin/gosu && \ chown root:root /usr/local/sbin/gosu && \ chmod 755 /usr/local/sbin/gosu && \ - groupadd -f -r -g 44 video && groupadd -f -r -g 109 render && groupadd -f -g 1000 photoprism && \ - useradd -m -g 1000 -u 1000 -d /photoprism -G video,render photoprism && \ - chmod 777 /photoprism && \ apt-get update && apt-get -qq dist-upgrade && apt-get -qq install --no-install-recommends \ ca-certificates \ jq \ @@ -116,6 +113,13 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ libavcodec-extra \ && \ /scripts/install-darktable.sh && \ + echo 'alias ll="ls -alh"' >> /etc/skel/.bashrc && \ + echo 'export PS1="\u@$DOCKER_TAG:\w\$ "' >> /etc/skel/.bashrc && \ + echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \ + cp /etc/skel/.bashrc /root/.bashrc && \ + /scripts/create-users.sh && \ + /scripts/cleanup.sh && \ + cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \ install -d -m 0777 -o 1000 -g 1000 \ /var/lib/photoprism \ /tmp/photoprism \ @@ -126,11 +130,7 @@ RUN echo 'APT::Acquire::Retries "3";' > /etc/apt/apt.conf.d/80retries && \ /photoprism/storage/albums \ /photoprism/storage/backups \ /photoprism/storage/config \ - /photoprism/storage/cache \ - && \ - echo "ALL ALL=(ALL) NOPASSWD:SETENV: /scripts/entrypoint-init.sh" >> /etc/sudoers.d/init && \ - cp /scripts/heif-convert.sh /usr/local/bin/heif-convert && \ - /scripts/cleanup.sh + /photoprism/storage/cache # define default directory and user WORKDIR /photoprism diff --git a/scripts/dist/create-users.sh b/scripts/dist/create-users.sh index f4234249e..b46ddc782 100755 --- a/scripts/dist/create-users.sh +++ b/scripts/dist/create-users.sh @@ -10,17 +10,29 @@ fi echo "Creating default users and groups..." -groupadd -f -r -g 44 video -groupadd -f -r -g 109 render -groupadd -f -g 1000 photoprism +groupadd -f -r -g 44 video 1>&2 +groupadd -f -r -g 109 render 1>&2 + +groupdel -f 1000 >/dev/null 2>&1 +userdel -f photoprism >/dev/null 2>&1 +userdel -f 1000 >/dev/null 2>&1 + +groupadd -f -g 1000 photoprism 1>&2 +useradd -N -o -u 1000 -g photoprism -G video,render -s /bin/bash -m -d "/home/photoprism" photoprism add_user() { - useradd -u "$1" -g photoprism -G video,render -s /bin/bash -m -d "/home/user-$1" "user-$1" 2>/dev/null + userdel -f "$1" >/dev/null 2>&1 + groupdel -f "group-$1" >/dev/null 2>&1 + groupdel -f "$1" >/dev/null 2>&1 + groupadd -f -g "$1" "group-$1" + useradd -u "$1" -g "$1" -G photoprism,video,render -s /bin/bash -m -d "/home/user-$1" "user-$1" 2>/dev/null } for i in $(seq 50 99); do add_user "$i"; done for i in $(seq 500 549); do add_user "$i"; done -for i in $(seq 1000 1099); do add_user "$i"; done +for i in $(seq 1001 1099); do add_user "$i"; done + +chgrp -f -R 1000 /home echo "Done."