From ee3f7df6eb420c2ccc184dfdd9d1b1c714d855d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nils=20B=C3=BChner?= <buehner@terrestris.de>
Date: Tue, 20 Feb 2024 15:34:56 +0100
Subject: [PATCH] fix: do not run as custom user

---
 Dockerfile | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index f465b0d..f0f2c6a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -141,15 +141,7 @@ RUN find / -perm /6000 -type f -exec chmod a-s {} \; || true
 
 # GeoServer user => restrict access to $CATALINA_HOME and GeoServer directories
 # See also CIS Docker benchmark and docker best practices
-RUN chmod +x /opt/*.sh \
-    && groupadd geoserver  \
-    && useradd --no-log-init -u 2000 -r -g geoserver geoserver \
-    && chown -R geoserver:geoserver $CATALINA_HOME \
-    && chmod g-w,o-rwx $CATALINA_HOME \
-    && chown -R geoserver:geoserver $GEOSERVER_DATA_DIR \
-    && chown -R geoserver:geoserver $GEOSERVER_LIB_DIR
-
-USER geoserver
+RUN chmod +x /opt/*.sh
 
 ENTRYPOINT ["/opt/startup.sh"]