Skip to content

Commit 4ca4baf

Browse files
powersjpowersj
authored
fix: do not run telegraf as root
2 parents 5400bab + 314576c commit 4ca4baf

File tree

6 files changed

+24
-3
lines changed

6 files changed

+24
-3
lines changed

telegraf/1.18/Dockerfile

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,8 @@ RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" && \
3030

3131
EXPOSE 8125/udp 8092/udp 8094
3232

33+
USER telegraf
34+
3335
COPY entrypoint.sh /entrypoint.sh
3436
ENTRYPOINT ["/entrypoint.sh"]
3537
CMD ["telegraf"]

telegraf/1.18/alpine/Dockerfile

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,10 +25,15 @@ RUN set -ex && \
2525
cp -a /usr/src/telegraf*/usr/bin/telegraf /usr/bin/ && \
2626
gpgconf --kill all && \
2727
rm -rf *.tar.gz* /usr/src /root/.gnupg && \
28-
apk del .build-deps
28+
apk del .build-deps && \
29+
addgroup -S telegraf && \
30+
adduser -S telegraf -G telegraf && \
31+
chown -R telegraf:telegraf /etc/telegraf
2932

3033
EXPOSE 8125/udp 8092/udp 8094
3134

35+
USER telegraf
36+
3237
COPY entrypoint.sh /entrypoint.sh
3338
ENTRYPOINT ["/entrypoint.sh"]
3439
CMD ["telegraf"]

telegraf/1.19/Dockerfile

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,8 @@ RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" && \
3030

3131
EXPOSE 8125/udp 8092/udp 8094
3232

33+
USER telegraf
34+
3335
COPY entrypoint.sh /entrypoint.sh
3436
ENTRYPOINT ["/entrypoint.sh"]
3537
CMD ["telegraf"]

telegraf/1.19/alpine/Dockerfile

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,10 +25,15 @@ RUN set -ex && \
2525
cp -a /usr/src/telegraf*/usr/bin/telegraf /usr/bin/ && \
2626
gpgconf --kill all && \
2727
rm -rf *.tar.gz* /usr/src /root/.gnupg && \
28-
apk del .build-deps
28+
apk del .build-deps && \
29+
addgroup -S telegraf && \
30+
adduser -S telegraf -G telegraf && \
31+
chown -R telegraf:telegraf /etc/telegraf
2932

3033
EXPOSE 8125/udp 8092/udp 8094
3134

35+
USER telegraf
36+
3237
COPY entrypoint.sh /entrypoint.sh
3338
ENTRYPOINT ["/entrypoint.sh"]
3439
CMD ["telegraf"]

telegraf/1.20/Dockerfile

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,8 @@ RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" && \
3030

3131
EXPOSE 8125/udp 8092/udp 8094
3232

33+
USER telegraf
34+
3335
COPY entrypoint.sh /entrypoint.sh
3436
ENTRYPOINT ["/entrypoint.sh"]
3537
CMD ["telegraf"]

telegraf/1.20/alpine/Dockerfile

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,10 +25,15 @@ RUN set -ex && \
2525
cp -a /usr/src/telegraf*/usr/bin/telegraf /usr/bin/ && \
2626
gpgconf --kill all && \
2727
rm -rf *.tar.gz* /usr/src /root/.gnupg && \
28-
apk del .build-deps
28+
apk del .build-deps && \
29+
addgroup -S telegraf && \
30+
adduser -S telegraf -G telegraf && \
31+
chown -R telegraf:telegraf /etc/telegraf
2932

3033
EXPOSE 8125/udp 8092/udp 8094
3134

35+
USER telegraf
36+
3237
COPY entrypoint.sh /entrypoint.sh
3338
ENTRYPOINT ["/entrypoint.sh"]
3439
CMD ["telegraf"]

0 commit comments

Comments
 (0)