add versions, removed sudo, powerusers group,

2025-05-13 14:44:50 -04:00 · 2022-05-02 20:39:21 +02:00 · 2022-05-02 20:39:21 +02:00 · 17bc78f534
commit 17bc78f534
parent 90b4af2627
6 changed files with 16 additions and 22 deletions
--- a/docker/docker-py3-kms-minimal/Dockerfile
+++ b/docker/docker-py3-kms-minimal/Dockerfile
@ -26,9 +26,7 @@ bash \
  tzdata \
  netcat-openbsd \
  && pip3 install --no-cache-dir -r /home/py-kms/requirements.txt \
  && addgroup power_users  \
  && adduser -S py-kms -G users -s /bin/bash \
  && usermod -aG power_users py-kms \
  && chown py-kms:users /home/py-kms \
  # Fix undefined timezone, in case the user did not mount the /etc/localtime
  && ln -sf /usr/share/zoneinfo/UTC /etc/localtime
--- a/docker/docker-py3-kms/Dockerfile
+++ b/docker/docker-py3-kms/Dockerfile
@ -27,16 +27,12 @@ RUN apk add --no-cache --update \
  ca-certificates \
  tzdata \
  shadow \
  sudo  \
  netcat-openbsd \
  && pip3 install --no-cache-dir -r /home/py-kms/requirements.txt \
  #&& apk del git build-base python3-dev \
  && mkdir /db/ \
  && addgroup power_users  \
  && adduser -S py-kms -G users -s /bin/bash \
  && usermod -aG power_users py-kms \
  && chown py-kms:users /home/py-kms \
  && echo "py-kms ALL= NOPASSWD: /bin/usermod -u py-kms *" >/etc/sudoers.d/py-kms \
  # Fix undefined timezone, in case the user did not mount the /etc/localtime
  && ln -sf /usr/share/zoneinfo/UTC /etc/localtime
--- a/docker/entrypoint.py
+++ b/docker/entrypoint.py
@ -31,7 +31,7 @@ def change_uid_grp():
    loggersrv.info(f'not root user, cannot change uid/gid.')
    return None
  user_db_entries = pwd.getpwnam("py-kms")
-  user_grp_db_entries = grp.getgrnam("power_users")
+  user_grp_db_entries = grp.getgrnam("users")
  uid = int(user_db_entries.pw_uid)
  gid = int(user_grp_db_entries.gr_gid)
  new_gid = int(os.getenv('GID', str(gid)))
@ -66,13 +66,15 @@ def change_uid_grp():
 def change_tz():
  tz = os.getenv('TZ', 'etc/UTC')
  # TZ is not symlinked and defined TZ exists
-  if tz not in os.readlink('/etc/localtime') and os.path.isfile('/usr/share/zoneinfo/' + tz):
+  if tz not in os.readlink('/etc/localtime') and os.path.isfile('/usr/share/zoneinfo/' + tz) and hasattr(time, 'tzset'):
    loggersrv.info("Setting timzeone to %s" % tz )
    # time.tzet() should be called on Unix, but doesn't exist on Windows.
    time.tzset()
 # Main
 if (__name__ == "__main__"):
  loggersrv.info("Log level: %s" % log_level)
  loggersrv.debug("user id: %s" % os.getuid())
  change_tz()
  childProcess = subprocess.Popen(PYTHON3 + " -u /usr/bin/start.py", preexec_fn=change_uid_grp(), shell=True)
  def shutdown(signum, frame):
--- a/docker/requirements.txt
+++ b/docker/requirements.txt
@ -1,6 +1,5 @@
-argparse
+Flask==2.1.2
-flask
+Pygments==2.12.0
-pygments
+dnspython==2.2.1
-dnspython
+tzlocal==4.2
-tzlocal
+sqlite-web==0.4.0
 sqlite-web
--- a/docker/requirements_minimal.txt
+++ b/docker/requirements_minimal.txt
@ -1,5 +1,4 @@
-argparse
+Flask==2.1.2
-flask
+Pygments==2.12.0
-pygments
+dnspython==2.2.1
-dnspython
+tzlocal==4.2
 tzlocal
--- a/docker/start.py
+++ b/docker/start.py
@ -21,10 +21,9 @@ argumentVariableMapping = {
 }
 sqliteWebPath = '/home/sqlite_web/sqlite_web.py'
-enableSQLITE = os.environ.get('SQLITE', 'false').lower() == 'true'
+enableSQLITE = os.environ.get('SQLITE', 'false').lower() == 'true' and  os.environ.get('TYPE') != 'MINIMAL'
 enableSQLITE = os.getenv('TYPE') != 'MINIMAL'
 dbPath = os.path.join(os.sep, 'home', 'py-kms', 'db', 'pykms_database.db')
-log_level_bootstrap = log_level = os.getenv('LOGLEVEL', 'INFO')
+log_level_bootstrap = log_level = os.environ.get('LOGLEVEL', 'INFO')
 if log_level_bootstrap == "MININFO":
  log_level_bootstrap = "INFO"
 log_file = os.environ.get('LOGFILE', 'STDOUT')
@ -107,4 +106,5 @@ if (__name__ == "__main__"):
                                datefmt='%a, %d %b %Y %H:%M:%S')
  streamhandler.setFormatter(formatter)
  loggersrv.addHandler(streamhandler)
  loggersrv.debug("user id: %s" % os.getuid())
  start_kms()