#42 Fix file ownership to run docker image in Openshift

TheHive-Project · Sep 15, 2017 · 9b54e03 · 9b54e03
1 parent 936ccbf
commit 9b54e03
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -3,6 +3,10 @@
 ## [1.1.4](https://github.com/CERT-BDF/Cortex/tree/1.1.4) (2017-09-15)
 [Full Changelog](https://github.com/CERT-BDF/Cortex/compare/1.1.3...1.1.4)
 
+**Implemented enhancements:**
+
+- Group ownership in Docker image prevents running on OpenShift [\#42](https://github.com/CERT-BDF/Cortex/issues/42)
+
 **Fixed bugs:**
 
 - Display a error notification on analyzer start fail [\#39](https://github.com/CERT-BDF/Cortex/issues/39)

diff --git a/build.sbt b/build.sbt
@@ -95,7 +95,7 @@ linuxMakeStartScript in Debian := None
 
 // RPM //
 rpmRelease := "1"
-rpmVendor in Rpm := "TheHive Project"
+rpmVendor := "TheHive Project"
 rpmUrl := Some("http://thehive-project.org/")
 rpmLicense := Some("AGPL")
 rpmRequirements += "java-1.8.0-openjdk-headless"
@@ -130,7 +130,12 @@ mappings in Docker ~= (_.filterNot {
 })
 
 dockerCommands ~= { dc =>
-  val (dockerInitCmds, dockerTailCmds) = dc.splitAt(4)
+  val (dockerInitCmds, dockerTailCmds) = dc
+    .collect {
+      case ExecCmd("RUN", "chown", _*) => ExecCmd("RUN", "chown", "-R", "daemon:root", ".")
+      case other => other
+    }
+    .splitAt(4)
   dockerInitCmds ++
     Seq(
       Cmd("USER", "root"),
@@ -146,7 +151,8 @@ dockerCommands ~= { dc =>
           "rm -rf misp_modules /var/lib/apt/lists/* /tmp/*"),
       Cmd("ADD", "var", "/var"),
       Cmd("ADD", "etc", "/etc"),
-      ExecCmd("RUN", "chown", "-R", "daemon:daemon", "/var/log/cortex")) ++
+      ExecCmd("RUN", "chown", "-R", "daemon:root", "/var/log/cortex"),
+      ExecCmd("RUN", "chmod", "+x", "/opt/cortex/bin/cortex", "/opt/cortex/entrypoint", "/opt/cortex/contrib/misp-modules-loader.py")) ++
     dockerTailCmds
 }