From 4e13e983448b8c29770a94d9fe6e52775e83ca1e Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Sat, 19 Dec 2020 18:42:48 +0200 Subject: [PATCH] Review zabbix user and group configuration --- agent/alpine/Dockerfile | 14 +++++++++----- agent/centos/Dockerfile | 9 ++++++--- agent/ubuntu/Dockerfile | 11 ++++++----- java-gateway/alpine/Dockerfile | 14 +++++++++----- java-gateway/centos/Dockerfile | 9 ++++++--- java-gateway/ubuntu/Dockerfile | 11 ++++++----- proxy-mysql/alpine/Dockerfile | 14 +++++++++----- proxy-mysql/centos/Dockerfile | 9 ++++++--- proxy-mysql/ubuntu/Dockerfile | 11 ++++++----- proxy-sqlite3/alpine/Dockerfile | 14 +++++++++----- proxy-sqlite3/centos/Dockerfile | 9 ++++++--- proxy-sqlite3/ubuntu/Dockerfile | 11 ++++++----- server-mysql/alpine/Dockerfile | 14 +++++++++----- server-mysql/centos/Dockerfile | 11 +++++++---- server-mysql/ubuntu/Dockerfile | 12 ++++++------ server-pgsql/alpine/Dockerfile | 14 +++++++++----- server-pgsql/centos/Dockerfile | 11 +++++++---- server-pgsql/ubuntu/Dockerfile | 12 ++++++------ snmptraps/alpine/Dockerfile | 14 +++++++++----- snmptraps/centos/Dockerfile | 9 ++++++--- snmptraps/ubuntu/Dockerfile | 11 ++++++----- web-apache-mysql/alpine/Dockerfile | 15 +++++++++------ web-apache-mysql/centos/Dockerfile | 9 ++++++--- web-apache-mysql/ubuntu/Dockerfile | 11 ++++++----- web-apache-pgsql/alpine/Dockerfile | 15 +++++++++------ web-apache-pgsql/centos/Dockerfile | 9 ++++++--- web-apache-pgsql/ubuntu/Dockerfile | 11 ++++++----- web-nginx-mysql/alpine/Dockerfile | 15 +++++++++------ web-nginx-mysql/centos/Dockerfile | 9 ++++++--- web-nginx-mysql/ubuntu/Dockerfile | 11 ++++++----- web-nginx-pgsql/alpine/Dockerfile | 15 +++++++++------ web-nginx-pgsql/centos/Dockerfile | 9 ++++++--- web-nginx-pgsql/ubuntu/Dockerfile | 11 ++++++----- zabbix-appliance/rhel/Dockerfile | 11 +++++++---- 34 files changed, 240 insertions(+), 155 deletions(-) diff --git a/agent/alpine/Dockerfile b/agent/alpine/Dockerfile index 20d28944a..d62b2e9fc 100644 --- a/agent/alpine/Dockerfile +++ b/agent/alpine/Dockerfile @@ -10,12 +10,16 @@ LABEL org.opencontainers.image.title="Zabbix agent" \ STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/zabbix_agentd.d && \ mkdir -p /var/lib/zabbix && \ diff --git a/agent/centos/Dockerfile b/agent/centos/Dockerfile index 005f9df53..2a484faae 100644 --- a/agent/centos/Dockerfile +++ b/agent/centos/Dockerfile @@ -12,10 +12,13 @@ STOPSIGNAL SIGTERM ENV TINI_VERSION=v0.19.0 RUN set -eux && \ - groupadd -g 1995 --system zabbix && \ - adduser -r --shell /sbin/nologin \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ -g zabbix -G root \ - -d /var/lib/zabbix/ -u 1997 \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/zabbix_agentd.d && \ diff --git a/agent/ubuntu/Dockerfile b/agent/ubuntu/Dockerfile index cea6feef6..5dd53a11e 100644 --- a/agent/ubuntu/Dockerfile +++ b/agent/ubuntu/Dockerfile @@ -13,12 +13,13 @@ ENV TINI_VERSION=v0.19.0 RUN set -eux && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --gid 1995 --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix --ingroup root \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ --uid 1997 \ - --home /var/lib/zabbix/ \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/zabbix_agentd.d && \ diff --git a/java-gateway/alpine/Dockerfile b/java-gateway/alpine/Dockerfile index 0b25125db..839eb541c 100644 --- a/java-gateway/alpine/Dockerfile +++ b/java-gateway/alpine/Dockerfile @@ -10,12 +10,16 @@ LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ mkdir -p /etc/zabbix/ && \ mkdir -p /usr/sbin/zabbix_java/ && \ mkdir -p /usr/sbin/zabbix_java/ext_lib/ && \ diff --git a/java-gateway/centos/Dockerfile b/java-gateway/centos/Dockerfile index e86c7fdc1..479f79cc0 100644 --- a/java-gateway/centos/Dockerfile +++ b/java-gateway/centos/Dockerfile @@ -10,10 +10,13 @@ LABEL org.opencontainers.image.title="Zabbix Java Gateway" \ STOPSIGNAL SIGTERM RUN set -eux && \ - groupadd -g 1995 --system zabbix && \ - adduser -r --shell /sbin/nologin \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ -g zabbix -G root \ - -d /var/lib/zabbix/ -u 1997 \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix/ && \ mkdir -p /usr/sbin/zabbix_java/ && \ diff --git a/java-gateway/ubuntu/Dockerfile b/java-gateway/ubuntu/Dockerfile index a51d56332..8abd62429 100644 --- a/java-gateway/ubuntu/Dockerfile +++ b/java-gateway/ubuntu/Dockerfile @@ -11,12 +11,13 @@ STOPSIGNAL SIGTERM RUN set -eux && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --gid 1995 --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix --ingroup root \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ --uid 1997 \ - --home /var/lib/zabbix/ \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix/ && \ mkdir -p /usr/sbin/zabbix_java/ && \ diff --git a/proxy-mysql/alpine/Dockerfile b/proxy-mysql/alpine/Dockerfile index da66da958..02a7fd9c4 100644 --- a/proxy-mysql/alpine/Dockerfile +++ b/proxy-mysql/alpine/Dockerfile @@ -10,12 +10,16 @@ LABEL org.opencontainers.image.title="Zabbix proxy (MySQL)" \ STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ diff --git a/proxy-mysql/centos/Dockerfile b/proxy-mysql/centos/Dockerfile index 12cb4f886..20218c18e 100644 --- a/proxy-mysql/centos/Dockerfile +++ b/proxy-mysql/centos/Dockerfile @@ -12,10 +12,13 @@ STOPSIGNAL SIGTERM ENV TINI_VERSION=v0.19.0 RUN set -eux && \ - groupadd -g 1995 --system zabbix && \ - adduser -r --shell /sbin/nologin \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ -g zabbix -G root \ - -d /var/lib/zabbix/ -u 1997 \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ diff --git a/proxy-mysql/ubuntu/Dockerfile b/proxy-mysql/ubuntu/Dockerfile index bddb8d536..a7d6be216 100644 --- a/proxy-mysql/ubuntu/Dockerfile +++ b/proxy-mysql/ubuntu/Dockerfile @@ -13,12 +13,13 @@ ENV TINI_VERSION=v0.19.0 RUN set -eux && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --gid 1995 --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix --ingroup root \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ --uid 1997 \ - --home /var/lib/zabbix/ \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ diff --git a/proxy-sqlite3/alpine/Dockerfile b/proxy-sqlite3/alpine/Dockerfile index ddf7bfc2e..26228b410 100644 --- a/proxy-sqlite3/alpine/Dockerfile +++ b/proxy-sqlite3/alpine/Dockerfile @@ -10,12 +10,16 @@ LABEL org.opencontainers.image.title="Zabbix proxy (SQLite3)" \ STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ diff --git a/proxy-sqlite3/centos/Dockerfile b/proxy-sqlite3/centos/Dockerfile index 76b2b701d..320835fe3 100644 --- a/proxy-sqlite3/centos/Dockerfile +++ b/proxy-sqlite3/centos/Dockerfile @@ -12,10 +12,13 @@ STOPSIGNAL SIGTERM ENV TINI_VERSION=v0.19.0 RUN set -eux && \ - groupadd -g 1995 --system zabbix && \ - adduser -r --shell /sbin/nologin \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ -g zabbix -G root \ - -d /var/lib/zabbix/ -u 1997 \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ diff --git a/proxy-sqlite3/ubuntu/Dockerfile b/proxy-sqlite3/ubuntu/Dockerfile index 244a85946..f6648344f 100644 --- a/proxy-sqlite3/ubuntu/Dockerfile +++ b/proxy-sqlite3/ubuntu/Dockerfile @@ -13,12 +13,13 @@ ENV TINI_VERSION=v0.19.0 RUN set -eux && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --gid 1995 --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix --ingroup root \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ --uid 1997 \ - --home /var/lib/zabbix/ \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ diff --git a/server-mysql/alpine/Dockerfile b/server-mysql/alpine/Dockerfile index 8728d74c2..db2c12cce 100644 --- a/server-mysql/alpine/Dockerfile +++ b/server-mysql/alpine/Dockerfile @@ -10,12 +10,16 @@ LABEL org.opencontainers.image.title="Zabbix server (MySQL)" \ STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G dialout -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ adduser zabbix dialout && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ diff --git a/server-mysql/centos/Dockerfile b/server-mysql/centos/Dockerfile index 125ec3a1d..6c263e893 100644 --- a/server-mysql/centos/Dockerfile +++ b/server-mysql/centos/Dockerfile @@ -12,10 +12,13 @@ STOPSIGNAL SIGTERM ENV TINI_VERSION=v0.19.0 RUN set -eux && \ - groupadd -g 1995 --system zabbix && \ - adduser -r --shell /sbin/nologin \ - -g zabbix -G dialout -G root \ - -d /var/lib/zabbix/ -u 1997 \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root -G dialout \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ diff --git a/server-mysql/ubuntu/Dockerfile b/server-mysql/ubuntu/Dockerfile index ca0d1bc08..fe7ca3064 100644 --- a/server-mysql/ubuntu/Dockerfile +++ b/server-mysql/ubuntu/Dockerfile @@ -12,14 +12,14 @@ STOPSIGNAL SIGTERM ENV TINI_VERSION=v0.19.0 RUN set -eux && \ - addgroup --system --gid 1995 --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix --ingroup root \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root -G dialout \ --uid 1997 \ - --home /var/lib/zabbix/ \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ - usermod -G zabbix,dialout zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ diff --git a/server-pgsql/alpine/Dockerfile b/server-pgsql/alpine/Dockerfile index 9d6c09577..c2a755456 100644 --- a/server-pgsql/alpine/Dockerfile +++ b/server-pgsql/alpine/Dockerfile @@ -10,12 +10,16 @@ LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G dialout -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ adduser zabbix dialout && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ diff --git a/server-pgsql/centos/Dockerfile b/server-pgsql/centos/Dockerfile index 60ff46c32..0ad8e6ee0 100644 --- a/server-pgsql/centos/Dockerfile +++ b/server-pgsql/centos/Dockerfile @@ -12,10 +12,13 @@ STOPSIGNAL SIGTERM ENV TINI_VERSION=v0.19.0 RUN set -eux && \ - groupadd -g 1995 --system zabbix && \ - adduser -r --shell /sbin/nologin \ - -g zabbix -G dialout -G root \ - -d /var/lib/zabbix/ -u 1997 \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root -G dialout \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ diff --git a/server-pgsql/ubuntu/Dockerfile b/server-pgsql/ubuntu/Dockerfile index 0985bac45..540481e4c 100644 --- a/server-pgsql/ubuntu/Dockerfile +++ b/server-pgsql/ubuntu/Dockerfile @@ -12,14 +12,14 @@ STOPSIGNAL SIGTERM ENV TINI_VERSION=v0.19.0 RUN set -eux && \ - addgroup --system --gid 1995 --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix --ingroup root \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root -G dialout \ --uid 1997 \ - --home /var/lib/zabbix/ \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ - usermod -G zabbix,dialout zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ diff --git a/snmptraps/alpine/Dockerfile b/snmptraps/alpine/Dockerfile index bb8792d9b..9b81e884b 100644 --- a/snmptraps/alpine/Dockerfile +++ b/snmptraps/alpine/Dockerfile @@ -19,12 +19,16 @@ LABEL org.opencontainers.image.title="zabbix-snmptraps-alpine" \ STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ apk update && \ apk add --clean-protected --no-cache \ tzdata \ diff --git a/snmptraps/centos/Dockerfile b/snmptraps/centos/Dockerfile index 55985af23..fbb118d71 100644 --- a/snmptraps/centos/Dockerfile +++ b/snmptraps/centos/Dockerfile @@ -19,10 +19,13 @@ LABEL org.opencontainers.image.title="zabbix-snmptraps-centos" \ STOPSIGNAL SIGTERM RUN set -eux && \ - groupadd -g 1995 --system zabbix && \ - adduser -r --shell /sbin/nologin \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ -g zabbix -G root \ - -d /var/lib/zabbix/ -u 1997 \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ yum --quiet makecache && \ yum -y install epel-release && \ diff --git a/snmptraps/ubuntu/Dockerfile b/snmptraps/ubuntu/Dockerfile index 13042a00e..7716b7a8d 100644 --- a/snmptraps/ubuntu/Dockerfile +++ b/snmptraps/ubuntu/Dockerfile @@ -20,12 +20,13 @@ STOPSIGNAL SIGTERM RUN set -eux && \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ - addgroup --system --gid 1995 --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix --ingroup root \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ --uid 1997 \ - --home /var/lib/zabbix/ \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ apt-get -y update && \ DEBIAN_FRONTEND=noninteractive apt-get -y --no-install-recommends install \ diff --git a/web-apache-mysql/alpine/Dockerfile b/web-apache-mysql/alpine/Dockerfile index e3f8c6052..f5048bee0 100644 --- a/web-apache-mysql/alpine/Dockerfile +++ b/web-apache-mysql/alpine/Dockerfile @@ -10,13 +10,16 @@ LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ - -H \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ apk add --clean-protected --no-cache \ diff --git a/web-apache-mysql/centos/Dockerfile b/web-apache-mysql/centos/Dockerfile index a00f8ec88..cff97b922 100644 --- a/web-apache-mysql/centos/Dockerfile +++ b/web-apache-mysql/centos/Dockerfile @@ -10,10 +10,13 @@ LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, MySQL)" \ STOPSIGNAL SIGTERM RUN set -eux && \ - groupadd -g 1995 --system zabbix && \ - adduser -r --shell /sbin/nologin \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ -g zabbix -G root \ - -d /var/lib/zabbix/ -u 1997 \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ diff --git a/web-apache-mysql/ubuntu/Dockerfile b/web-apache-mysql/ubuntu/Dockerfile index 11f750b95..b64a3b82d 100644 --- a/web-apache-mysql/ubuntu/Dockerfile +++ b/web-apache-mysql/ubuntu/Dockerfile @@ -11,12 +11,13 @@ STOPSIGNAL SIGTERM RUN set -eux && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --gid 1995 --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix --ingroup root \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ --uid 1997 \ - --home /var/lib/zabbix/ \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ diff --git a/web-apache-pgsql/alpine/Dockerfile b/web-apache-pgsql/alpine/Dockerfile index 336a40673..dafb152e3 100644 --- a/web-apache-pgsql/alpine/Dockerfile +++ b/web-apache-pgsql/alpine/Dockerfile @@ -10,13 +10,16 @@ LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ - -H \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ apk add --clean-protected --no-cache \ diff --git a/web-apache-pgsql/centos/Dockerfile b/web-apache-pgsql/centos/Dockerfile index 0c39cb276..d890e91ea 100644 --- a/web-apache-pgsql/centos/Dockerfile +++ b/web-apache-pgsql/centos/Dockerfile @@ -10,10 +10,13 @@ LABEL org.opencontainers.image.title="Zabbix web-interface (Apache, PostgreSQL)" STOPSIGNAL SIGTERM RUN set -eux && \ - groupadd -g 1995 --system zabbix && \ - adduser -r --shell /sbin/nologin \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ -g zabbix -G root \ - -d /var/lib/zabbix/ -u 1997 \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ diff --git a/web-apache-pgsql/ubuntu/Dockerfile b/web-apache-pgsql/ubuntu/Dockerfile index 4f2c0ad6f..86f2031e1 100644 --- a/web-apache-pgsql/ubuntu/Dockerfile +++ b/web-apache-pgsql/ubuntu/Dockerfile @@ -11,12 +11,13 @@ STOPSIGNAL SIGTERM RUN set -eux && \ echo "#!/bin/sh\nexit 0" > /usr/sbin/policy-rc.d && \ - addgroup --system --gid 1995 --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix --ingroup root \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ --uid 1997 \ - --home /var/lib/zabbix/ \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ diff --git a/web-nginx-mysql/alpine/Dockerfile b/web-nginx-mysql/alpine/Dockerfile index 0cfb6b66f..858bd4d13 100644 --- a/web-nginx-mysql/alpine/Dockerfile +++ b/web-nginx-mysql/alpine/Dockerfile @@ -10,13 +10,16 @@ LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ - -H \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ mkdir -p /var/lib/php/session && \ diff --git a/web-nginx-mysql/centos/Dockerfile b/web-nginx-mysql/centos/Dockerfile index 378f23c5b..60a540cba 100644 --- a/web-nginx-mysql/centos/Dockerfile +++ b/web-nginx-mysql/centos/Dockerfile @@ -10,10 +10,13 @@ LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ STOPSIGNAL SIGTERM RUN set -eux && \ - groupadd -g 1995 --system zabbix && \ - adduser -r --shell /sbin/nologin \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ -g zabbix -G root \ - -d /var/lib/zabbix/ -u 1997 \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ diff --git a/web-nginx-mysql/ubuntu/Dockerfile b/web-nginx-mysql/ubuntu/Dockerfile index 39391cee6..5dc9847f7 100644 --- a/web-nginx-mysql/ubuntu/Dockerfile +++ b/web-nginx-mysql/ubuntu/Dockerfile @@ -10,12 +10,13 @@ LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, MySQL)" \ STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup --system --gid 1995 --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix --ingroup root \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ --uid 1997 \ - --home /var/lib/zabbix/ \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ diff --git a/web-nginx-pgsql/alpine/Dockerfile b/web-nginx-pgsql/alpine/Dockerfile index ae058d087..dba149458 100644 --- a/web-nginx-pgsql/alpine/Dockerfile +++ b/web-nginx-pgsql/alpine/Dockerfile @@ -10,13 +10,16 @@ LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup -S -g 1995 zabbix && \ - adduser -S \ - -D -G zabbix -G root \ - -u 1997 \ - -h /var/lib/zabbix/ \ - -H \ + addgroup --system --gid 1995 zabbix && \ + adduser --system \ + --gecos "Zabbix monitoring system" \ + --disabled-password \ + --uid 1997 \ + --ingroup zabbix \ + --shell /sbin/nologin \ + --home /var/lib/zabbix/ \ zabbix && \ + adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ mkdir -p /var/lib/php/session && \ diff --git a/web-nginx-pgsql/centos/Dockerfile b/web-nginx-pgsql/centos/Dockerfile index cae4b5bb7..cddf0f827 100644 --- a/web-nginx-pgsql/centos/Dockerfile +++ b/web-nginx-pgsql/centos/Dockerfile @@ -10,10 +10,13 @@ LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" STOPSIGNAL SIGTERM RUN set -eux && \ - groupadd -g 1995 --system zabbix && \ - adduser -r --shell /sbin/nologin \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ -g zabbix -G root \ - -d /var/lib/zabbix/ -u 1997 \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ diff --git a/web-nginx-pgsql/ubuntu/Dockerfile b/web-nginx-pgsql/ubuntu/Dockerfile index a9e582ab6..322b675c2 100644 --- a/web-nginx-pgsql/ubuntu/Dockerfile +++ b/web-nginx-pgsql/ubuntu/Dockerfile @@ -10,12 +10,13 @@ LABEL org.opencontainers.image.title="Zabbix web-interface (Nginx, PostgreSQL)" STOPSIGNAL SIGTERM RUN set -eux && \ - addgroup --system --gid 1995 --quiet zabbix && \ - adduser --quiet \ - --system --disabled-login \ - --ingroup zabbix --ingroup root \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root \ --uid 1997 \ - --home /var/lib/zabbix/ \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ diff --git a/zabbix-appliance/rhel/Dockerfile b/zabbix-appliance/rhel/Dockerfile index f59988ba9..5f141ee05 100644 --- a/zabbix-appliance/rhel/Dockerfile +++ b/zabbix-appliance/rhel/Dockerfile @@ -82,10 +82,13 @@ RUN INSTALL_PKGS="OpenIPMI-libs \ --security --sec-severity=Important --sec-severity=Critical && \ echo ${REPOLIST} && \ yum -y install --disablerepo "*" --enablerepo "${REPOLIST}" --setopt=tsflags=nodocs ${INSTALL_PKGS} && \ - groupadd --system zabbix && \ - adduser -r --shell /sbin/nologin \ - -g zabbix -G dialout \ - -d /var/lib/zabbix/ \ + groupadd --system --gid 1995 zabbix && \ + useradd \ + --system --comment "Zabbix monitoring system" \ + -g zabbix -G root -G dialout \ + --uid 1997 \ + --shell /sbin/nologin \ + --home-dir /var/lib/zabbix/ \ zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \