diff --git a/Dockerfile b/Dockerfile index aac7e7a..a53f81a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,9 +3,7 @@ MAINTAINER Liang Ding ADD . /wide/gogogo/src/github.com/b3log/wide -RUN useradd wide && chown -R wide:wide /wide && useradd wide_runner - -USER wide +RUN useradd runner ENV GOROOT /usr/src/go ENV GOPATH /wide/gogogo diff --git a/output/outputs.go b/output/outputs.go index f5417b9..e9e4ead 100644 --- a/output/outputs.go +++ b/output/outputs.go @@ -110,12 +110,12 @@ func RunHandler(w http.ResponseWriter, r *http.Request) { cmd.SysProcAttr = &syscall.SysProcAttr{} cmd.SysProcAttr.Cloneflags = syscall.CLONE_NEWUSER | syscall.CLONE_NEWNS | syscall.CLONE_NEWUTS | syscall.CLONE_NEWPID | syscall.CLONE_NEWIPC | syscall.CLONE_NEWNET cmd.SysProcAttr.Credential = &syscall.Credential{ - Uid: 1001, - Gid: 1001, + Uid: 0, + Gid: 0, } - cmd.SysProcAttr.UidMappings = []syscall.SysProcIDMap{{ContainerID: 1001, HostID: 1001, Size: 1}} - cmd.SysProcAttr.GidMappings = []syscall.SysProcIDMap{{ContainerID: 1001, HostID: 1001, Size: 1}} + cmd.SysProcAttr.UidMappings = []syscall.SysProcIDMap{{ContainerID: 0, HostID: 1000, Size: 1}} + cmd.SysProcAttr.GidMappings = []syscall.SysProcIDMap{{ContainerID: 0, HostID: 1000, Size: 1}} stdout, err := cmd.StdoutPipe() if nil != err {