Add nobody user/group to Nix docker image
This commit is contained in:
parent
dbf78a7ada
commit
46a6be28be
1 changed files with 12 additions and 0 deletions
12
docker.nix
12
docker.nix
|
@ -36,6 +36,17 @@ let
|
||||||
shell = "${pkgs.bashInteractive}/bin/bash";
|
shell = "${pkgs.bashInteractive}/bin/bash";
|
||||||
home = "/root";
|
home = "/root";
|
||||||
gid = 0;
|
gid = 0;
|
||||||
|
groups = [ "root" ];
|
||||||
|
description = "System administrator";
|
||||||
|
};
|
||||||
|
|
||||||
|
nobody = {
|
||||||
|
uid = 65534;
|
||||||
|
shell = "${pkgs.shadow}/bin/nologin";
|
||||||
|
home = "/var/empty";
|
||||||
|
gid = 65534;
|
||||||
|
groups = [ "nobody" ];
|
||||||
|
description = "Unprivileged account (don't use!)";
|
||||||
};
|
};
|
||||||
|
|
||||||
} // lib.listToAttrs (
|
} // lib.listToAttrs (
|
||||||
|
@ -57,6 +68,7 @@ let
|
||||||
groups = {
|
groups = {
|
||||||
root.gid = 0;
|
root.gid = 0;
|
||||||
nixbld.gid = 30000;
|
nixbld.gid = 30000;
|
||||||
|
nobody.gid = 65534;
|
||||||
};
|
};
|
||||||
|
|
||||||
userToPasswd = (
|
userToPasswd = (
|
||||||
|
|
Loading…
Reference in a new issue