Refactor Dockerfile and README to simplify user permissions and remove unnecessary user setup

2026-05-16 14:38:12 +02:00
parent a0c6342389
commit f1be45c147
2 changed files with 1 additions and 18 deletions
@@ -5,27 +5,13 @@ RUN apt-get update && \
        krb5-kdc \
        krb5-admin-server \
        krb5-config \
-        libcap2-bin \
        tini && \
    rm -rf /var/lib/apt/lists/*

-RUN groupadd -r krb5 && useradd -r -g krb5 -s /sbin/nologin krb5
-
-# Allow binding to privileged ports without root
-RUN setcap cap_net_bind_service=+ep /usr/sbin/krb5kdc && \
-    setcap cap_net_bind_service=+ep /usr/sbin/kadmind
-
-# Pre-create files the entrypoint writes to outside the volume
-RUN mkdir -p /etc/krb5kdc && \
-    touch /etc/krb5.conf && \
-    chown -R krb5:krb5 /etc/krb5kdc /etc/krb5.conf /var/lib/krb5kdc
-
-COPY --chown=krb5:krb5 entrypoint.sh /entrypoint
+COPY entrypoint.sh /entrypoint

 RUN chmod +x /entrypoint

-USER krb5
-
 EXPOSE 88/tcp 88/udp 464/tcp 464/udp 749/tcp

 ENTRYPOINT ["tini", "--", "/entrypoint"]