Skip to content

J
Jupyter Docker Stacks
Commit d52c7023 authored by Graham Dumpleton's avatar Graham Dumpleton
Browse files
Options

Disable su/sudo access unless sudo explicitly enabled for a specific user using GRANT_SUDO.

parent 65761486
Hide whitespace changes
Inline Side-by-side
Showing with 3 additions and 2 deletions
base-notebook/Dockerfile
View file @ d52c7023
......@@ -49,8 +49,9 @@ RUN sed -i 's/^#force_color_prompt=yes/force_color_prompt=yes/' /etc/skel/.bashr
# Create NB_USER wtih name jovyan user with UID=1000 and in the 'users' group
# and make sure these dirs are writable by the `users` group.
RUN groupadd wheel -g 11 && \
echo "auth required pam_wheel.so use_uid" >> /etc/pam.d/su && \
RUN echo "auth requisite pam_deny.so" >> /etc/pam.d/su && \
sed -i.bak -e 's/^%admin/#%admin/' /etc/sudoers && \
sed -i.bak -e 's/^%sudo/#%sudo/' /etc/sudoers && \
useradd -m -s /bin/bash -N -u $NB_UID $NB_USER && \
mkdir -p $CONDA_DIR && \
chown $NB_USER:$NB_GID $CONDA_DIR && \
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment