Remove sudo capability for onap user for VF-C ems docker

author yangyan <yangyanyj@chinamobile.com>

Thu, 5 Mar 2020 03:15:39 +0000 (11:15 +0800)

committer yangyan <yangyanyj@chinamobile.com>

Thu, 5 Mar 2020 03:17:18 +0000 (11:17 +0800)
author yangyan <yangyanyj@chinamobile.com>
Thu, 5 Mar 2020 03:15:39 +0000 (11:15 +0800)
committer yangyan <yangyanyj@chinamobile.com>
Thu, 5 Mar 2020 03:17:18 +0000 (11:17 +0800)
diff --git a/ems/microservice-standalone/src/main/assembly/docker/docker-env-config.sh b/ems/microservice-standalone/src/main/assembly/docker/docker-env-config.sh

index 9cfdeea..c3a16c3 100644 (file)
--- a/ems/microservice-standalone/src/main/assembly/docker/docker-env-config.sh
+++ b/ems/microservice-standalone/src/main/assembly/docker/docker-env-config.sh
@@ -22,11 +22,9 @@ install_sf(){
  add_user(){
  
         useradd onap
-       yum -y install sudo
-       chmod u+x /etc/sudoers
-       sed -i '/Same thing without a password/a\onap    ALL=(ALL:ALL) NOPASSWD:ALL' /etc/sudoers
-       chmod u-x /etc/sudoers
         chown onap:onap -R /service
+       chmod g+s /service
+       setfacl -d --set u:onap:rwx /service
  }
  
  clean_sf_cache(){
author	yangyan <yangyanyj@chinamobile.com>
	Thu, 5 Mar 2020 03:15:39 +0000 (11:15 +0800)
committer	yangyan <yangyanyj@chinamobile.com>
	Thu, 5 Mar 2020 03:17:18 +0000 (11:17 +0800)