diff --git a/arbitrary-users-patch/Dockerfile b/arbitrary-users-patch/Dockerfile new file mode 100644 index 000000000..a7a6aff9d --- /dev/null +++ b/arbitrary-users-patch/Dockerfile @@ -0,0 +1,12 @@ +ARG FROM_IMAGE +FROM ${FROM_IMAGE} +USER 0 +RUN chmod g=u /etc/passwd +COPY [--chown=0:0] entrypoint.sh / +RUN chmod +x entrypoint.sh + +USER 10001 +ENV HOME /home/user +WORKDIR /projects +ENTRYPOINT [ "/entrypoint.sh" ] +CMD ["sleep", "infinity"] diff --git a/arbitrary-users-patch/base_images b/arbitrary-users-patch/base_images new file mode 100644 index 000000000..9a209ec79 --- /dev/null +++ b/arbitrary-users-patch/base_images @@ -0,0 +1 @@ +java11-maven maven:3.6.0-jdk-11 diff --git a/arbitrary-users-patch/build_images.sh b/arbitrary-users-patch/build_images.sh new file mode 100755 index 000000000..050d023e2 --- /dev/null +++ b/arbitrary-users-patch/build_images.sh @@ -0,0 +1,12 @@ +#!/bin/bash +set -e + +DEFAULT_REGISTRY="quay.io" +REGISTRY=${REGISTRY:-${DEFAULT_REGISTRY}} + +while read -r line; do + base_image_name=$(echo $line | cut -f 1 -d ' ') + base_image=$(echo $line | cut -f 2 -d ' ') + echo "Building ${REGISTRY}/eclipse-che/che7-${base_image_name} based on $base_image ..." + docker build -t "${REGISTRY}/eclipse-che/che7-${base_image_name}" --build-arg FROM_IMAGE=$base_image . +done < base_images diff --git a/arbitrary-users-patch/entrypoint.sh b/arbitrary-users-patch/entrypoint.sh new file mode 100644 index 000000000..d3d14d730 --- /dev/null +++ b/arbitrary-users-patch/entrypoint.sh @@ -0,0 +1,7 @@ +#!/bin/sh +if ! whoami &> /dev/null; then + if [ -w /etc/passwd ]; then + echo "${USER_NAME:-user}:x:$(id -u):0:${USER_NAME:-user} user:${HOME}:/bin/bash" >> /etc/passwd + fi +fi +exec "$@"