kingjaypee12/MKM
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(Dockerfile): set proper permissions and remove CI directories

Browse Source 
The previous COPY instruction with --chown flag was not recursively setting permissions. Explicitly set directory and file permissions for the www-data user and remove unnecessary CI directories to reduce image size and potential security exposure.
This commit is contained in:
Jp
2026-02-26 11:08:20 +08:00
parent 618f826e1e
commit ba9c80b9b4
1 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
Dockerfile
View File

@@ -27,8 +27,12 @@ RUN apt-get clean && rm -rf /var/lib/apt/lists/*
# Get latest Composer # Get latest Composer
COPY --from=docker.io/library/composer:latest /usr/bin/composer /usr/bin/composer COPY --from=docker.io/library/composer:latest /usr/bin/composer /usr/bin/composer
# Copy application files # Copy application files and fix permissions
COPY --chown=www-data:www-data . /var/www COPY . /var/www
RUN chown -R www-data:www-data /var/www && \
find /var/www -type d -exec chmod 755 {} + && \
find /var/www -type f -exec chmod 644 {} + && \
rm -rf /var/www/.circleci /var/www/.github
# Change current user to www # Change current user to www
USER www-data USER www-data