Add non-root user to Dockerfile for extra security

Signed-off-by: jerryaldrichiii <jerryaldrichiii@gmail.com>
2025-10-29 19:35:56 +00:00 · 2019-10-01 00:19:01 -07:00 · 2019-10-01 00:19:01 -07:00 · 4b7b5bea15
commit 4b7b5bea15
parent a371359a03
1 changed files with 7 additions and 0 deletions
--- a/7
+++ b/7
@ -66,6 +66,13 @@ WORKDIR /usr/src/game
 # set bash prompt
 ENV PS1 "evennia|docker \w $ "

+# create and switch to a non-root user for runtime security
+# -D - do not set a password
+# -H - do not create a home directory
+# -s /bin/false - set login shell to /bin/false
+RUN adduser -D -H -s /bin/false evennia
+USER evennia
+
 # startup a shell when we start the container
 ENTRYPOINT ["/usr/src/evennia/bin/unix/evennia-docker-start.sh"]