wazuh-docker icon indicating copy to clipboard operation
wazuh-docker copied to clipboard

Published 20 hours ago verified publisher icon wazuh

Research owner and group of images building

Open davidcr01 opened this issue 1 year ago • 2 comments

Description

Related: https://github.com/wazuh/wazuh-docker/issues/1210

In the related issue, some problems with the owner and permissions of the files and folders were found. Summarizing:

  • It would be necessary to try to avoid hardcoding the UID and GID of the files/folder.
  • It would be necessary to remove the remaining 101:101

These coincidences are in:

  • https://github.com/wazuh/wazuh-docker/blob/4.8.0/build-docker-images/wazuh-manager/Dockerfile
  • https://github.com/wazuh/wazuh-docker/blob/4.8.0/indexer-certs-creator/config/entrypoint.sh

davidcr01 avatar Feb 22 '24 09:02 davidcr01

We analyzed removing the harcoding of the files within the Dockerfile of the Wazuh dashboard and Wazuh indexer. It was concluded that the elimination of the chowns in the Builder stage did not generate errors, but the subsequent ones are necessary since the user who is going to execute the process was created by us and we need to make the files have the necessary permissions so that the created user can access them.

Additionally, the certificate creation image will be modified, which accommodates the permissions of all the certificates so that they can be accessed by each of the containers.

vcerenu avatar Mar 01 '24 15:03 vcerenu

We have decided to keep the original UIDs to avoid the upgrade complexity of changing them.

teddytpc1 avatar Mar 08 '24 09:03 teddytpc1