diff --git a/Dockerfiles/agent/alpine/Dockerfile b/Dockerfiles/agent/alpine/Dockerfile index 2f6e5b18b..772afd38c 100644 --- a/Dockerfiles/agent/alpine/Dockerfile +++ b/Dockerfiles/agent/alpine/Dockerfile @@ -59,7 +59,6 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/zabbix_agentd.d && \ mkdir -p /var/lib/zabbix && \ diff --git a/Dockerfiles/agent/centos/Dockerfile b/Dockerfiles/agent/centos/Dockerfile index 8e44d1bee..ed1ff5fb4 100644 --- a/Dockerfiles/agent/centos/Dockerfile +++ b/Dockerfiles/agent/centos/Dockerfile @@ -55,7 +55,7 @@ RUN set -eux && \ zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ - -g zabbix -G root \ + -g zabbix \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/agent/ol/Dockerfile b/Dockerfiles/agent/ol/Dockerfile index 6ae4726fc..206e86119 100644 --- a/Dockerfiles/agent/ol/Dockerfile +++ b/Dockerfiles/agent/ol/Dockerfile @@ -57,7 +57,7 @@ RUN set -eux && \ useradd \ --system \ --comment "Zabbix monitoring system" \ - -g zabbix -G root \ + -g zabbix \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/agent/rhel/Dockerfile b/Dockerfiles/agent/rhel/Dockerfile index b0f7def94..383c2ab5c 100644 --- a/Dockerfiles/agent/rhel/Dockerfile +++ b/Dockerfiles/agent/rhel/Dockerfile @@ -82,7 +82,7 @@ RUN set -eux && \ useradd \ --system \ --comment "Zabbix monitoring system" \ - -g zabbix -G root \ + -g zabbix \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/agent/ubuntu/Dockerfile b/Dockerfiles/agent/ubuntu/Dockerfile index d8a66651d..fa6fcf24e 100644 --- a/Dockerfiles/agent/ubuntu/Dockerfile +++ b/Dockerfiles/agent/ubuntu/Dockerfile @@ -54,7 +54,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/agent2/alpine/Dockerfile b/Dockerfiles/agent2/alpine/Dockerfile index 7f0dcd46b..d339a364d 100644 --- a/Dockerfiles/agent2/alpine/Dockerfile +++ b/Dockerfiles/agent2/alpine/Dockerfile @@ -62,7 +62,7 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ + echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/zabbix_agentd.d && \ mkdir -p /var/lib/zabbix && \ diff --git a/Dockerfiles/agent2/centos/Dockerfile b/Dockerfiles/agent2/centos/Dockerfile index 00b7cecfc..8b4fcc2d7 100644 --- a/Dockerfiles/agent2/centos/Dockerfile +++ b/Dockerfiles/agent2/centos/Dockerfile @@ -63,11 +63,11 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ + echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/zabbix_agentd.d && \ mkdir -p /var/lib/zabbix && \ diff --git a/Dockerfiles/agent2/ol/Dockerfile b/Dockerfiles/agent2/ol/Dockerfile index ddc99b7ef..0fea1b10f 100644 --- a/Dockerfiles/agent2/ol/Dockerfile +++ b/Dockerfiles/agent2/ol/Dockerfile @@ -64,11 +64,11 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ + echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/zabbix_agentd.d && \ mkdir -p /var/lib/zabbix && \ diff --git a/Dockerfiles/agent2/rhel/Dockerfile b/Dockerfiles/agent2/rhel/Dockerfile index 1555a54df..cc22f18b3 100644 --- a/Dockerfiles/agent2/rhel/Dockerfile +++ b/Dockerfiles/agent2/rhel/Dockerfile @@ -90,11 +90,11 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ + echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/zabbix_agentd.d && \ mkdir -p /var/lib/zabbix && \ diff --git a/Dockerfiles/agent2/ubuntu/Dockerfile b/Dockerfiles/agent2/ubuntu/Dockerfile index a59b9e678..f3d1f80da 100644 --- a/Dockerfiles/agent2/ubuntu/Dockerfile +++ b/Dockerfiles/agent2/ubuntu/Dockerfile @@ -59,11 +59,11 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ + echo "zabbix ALL=(root) NOPASSWD: /usr/sbin/smartctl" >> /etc/sudoers.d/zabbix && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/zabbix_agentd.d && \ mkdir -p /var/lib/zabbix && \ diff --git a/Dockerfiles/java-gateway/alpine/Dockerfile b/Dockerfiles/java-gateway/alpine/Dockerfile index 199aa6a7a..6ab79cf55 100644 --- a/Dockerfiles/java-gateway/alpine/Dockerfile +++ b/Dockerfiles/java-gateway/alpine/Dockerfile @@ -50,7 +50,6 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ mkdir -p /etc/zabbix/ && \ mkdir -p /usr/sbin/zabbix_java/ && \ mkdir -p /usr/sbin/zabbix_java/ext_lib/ && \ diff --git a/Dockerfiles/java-gateway/centos/Dockerfile b/Dockerfiles/java-gateway/centos/Dockerfile index f325d1175..21b162bc4 100644 --- a/Dockerfiles/java-gateway/centos/Dockerfile +++ b/Dockerfiles/java-gateway/centos/Dockerfile @@ -49,7 +49,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/java-gateway/ol/Dockerfile b/Dockerfiles/java-gateway/ol/Dockerfile index b971d7872..4502b1c08 100644 --- a/Dockerfiles/java-gateway/ol/Dockerfile +++ b/Dockerfiles/java-gateway/ol/Dockerfile @@ -49,7 +49,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/java-gateway/rhel/Dockerfile b/Dockerfiles/java-gateway/rhel/Dockerfile index d0f51288a..ffa4d1029 100644 --- a/Dockerfiles/java-gateway/rhel/Dockerfile +++ b/Dockerfiles/java-gateway/rhel/Dockerfile @@ -69,7 +69,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/java-gateway/ubuntu/Dockerfile b/Dockerfiles/java-gateway/ubuntu/Dockerfile index 47c9ea12b..a28f44746 100644 --- a/Dockerfiles/java-gateway/ubuntu/Dockerfile +++ b/Dockerfiles/java-gateway/ubuntu/Dockerfile @@ -45,7 +45,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/proxy-mysql/alpine/Dockerfile b/Dockerfiles/proxy-mysql/alpine/Dockerfile index b1d2c82b3..71e7a7089 100644 --- a/Dockerfiles/proxy-mysql/alpine/Dockerfile +++ b/Dockerfiles/proxy-mysql/alpine/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ @@ -36,10 +37,10 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql RUN set -eux && \ INSTALL_PKGS="bash \ tini \ - sudo \ traceroute \ nmap \ iputils \ + libcap \ libcurl \ libevent \ libldap \ @@ -69,8 +70,8 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ diff --git a/Dockerfiles/proxy-mysql/centos/Dockerfile b/Dockerfiles/proxy-mysql/centos/Dockerfile index 20e984224..e1a9ba4d3 100644 --- a/Dockerfiles/proxy-mysql/centos/Dockerfile +++ b/Dockerfiles/proxy-mysql/centos/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ @@ -37,7 +38,6 @@ RUN set -eux && \ REPOLIST="baseos,appstream,crb,epel" && \ INSTALL_PKGS="libevent \ tini \ - sudo \ traceroute \ nmap \ gzip \ @@ -70,12 +70,12 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ diff --git a/Dockerfiles/proxy-mysql/ol/Dockerfile b/Dockerfiles/proxy-mysql/ol/Dockerfile index 3ad6144c5..547682b08 100644 --- a/Dockerfiles/proxy-mysql/ol/Dockerfile +++ b/Dockerfiles/proxy-mysql/ol/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ @@ -37,7 +38,6 @@ COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel RUN set -eux && \ INSTALL_PKGS="libevent \ tini \ - sudo \ traceroute \ nmap \ gzip \ @@ -72,12 +72,12 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ diff --git a/Dockerfiles/proxy-mysql/rhel/Dockerfile b/Dockerfiles/proxy-mysql/rhel/Dockerfile index 3b2e79d33..aaf457b11 100644 --- a/Dockerfiles/proxy-mysql/rhel/Dockerfile +++ b/Dockerfiles/proxy-mysql/rhel/Dockerfile @@ -15,7 +15,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL description="Zabbix proxy with MySQL database support" \ maintainer="alexey.pustovalov@zabbix.com" \ @@ -55,7 +56,6 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql RUN set -eux && \ INSTALL_PKGS="bash \ tini \ - sudo \ traceroute \ nmap \ shadow-utils \ @@ -102,12 +102,12 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ diff --git a/Dockerfiles/proxy-mysql/ubuntu/Dockerfile b/Dockerfiles/proxy-mysql/ubuntu/Dockerfile index 07a03d582..b948c44e7 100644 --- a/Dockerfiles/proxy-mysql/ubuntu/Dockerfile +++ b/Dockerfiles/proxy-mysql/ubuntu/Dockerfile @@ -14,7 +14,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix proxy with MySQL database support" \ @@ -36,8 +37,8 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_proxy.sql RUN set -eux && \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ - INSTALL_PKGS="tini \ - sudo \ + INSTALL_PKGS="bash \ + tini \ traceroute \ nmap \ ca-certificates \ @@ -67,12 +68,12 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/enc && \ diff --git a/Dockerfiles/proxy-sqlite3/alpine/Dockerfile b/Dockerfiles/proxy-sqlite3/alpine/Dockerfile index 5a3b2f1b3..3268cfa5d 100644 --- a/Dockerfiles/proxy-sqlite3/alpine/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/alpine/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \ @@ -35,11 +36,11 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/ RUN set -eux && \ INSTALL_PKGS="bash \ tini \ - sudo \ traceroute \ nmap \ fping \ iputils \ + libcap \ libcurl \ libevent \ libldap \ @@ -67,8 +68,8 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ - adduser zabbix root && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/db_data && \ diff --git a/Dockerfiles/proxy-sqlite3/centos/Dockerfile b/Dockerfiles/proxy-sqlite3/centos/Dockerfile index 9cc1cad69..494ca92ca 100644 --- a/Dockerfiles/proxy-sqlite3/centos/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/centos/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \ @@ -36,7 +37,6 @@ RUN set -eux && \ REPOLIST="baseos,appstream,epel" && \ INSTALL_PKGS="libevent \ tini \ - sudo \ traceroute \ nmap \ libssh \ @@ -67,12 +67,12 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/db_data && \ diff --git a/Dockerfiles/proxy-sqlite3/ol/Dockerfile b/Dockerfiles/proxy-sqlite3/ol/Dockerfile index 6a96f81d6..47e1b5f70 100644 --- a/Dockerfiles/proxy-sqlite3/ol/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/ol/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \ @@ -36,7 +37,6 @@ COPY ["conf/etc/yum.repos.d/oracle-epel-ol9.repo", "/etc/yum.repos.d/oracle-epel RUN set -eux && \ INSTALL_PKGS="libevent \ tini \ - sudo \ traceroute \ nmap \ libssh \ @@ -68,12 +68,12 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/db_data && \ diff --git a/Dockerfiles/proxy-sqlite3/rhel/Dockerfile b/Dockerfiles/proxy-sqlite3/rhel/Dockerfile index cc118c3e9..1097de200 100644 --- a/Dockerfiles/proxy-sqlite3/rhel/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/rhel/Dockerfile @@ -15,7 +15,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL description="Zabbix proxy with SQLite3 database support" \ maintainer="alexey.pustovalov@zabbix.com" \ @@ -54,7 +55,6 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/conf/zabbix_proxy.conf", "/etc/ RUN set -eux && \ INSTALL_PKGS="bash \ tini \ - sudo \ traceroute \ nmap \ shadow-utils \ @@ -99,12 +99,12 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/db_data && \ diff --git a/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile b/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile index 4cc8781ec..7b8f15705 100644 --- a/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile +++ b/Dockerfiles/proxy-sqlite3/ubuntu/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix proxy with SQLite3 database support" \ @@ -36,7 +37,6 @@ RUN set -eux && \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ INSTALL_PKGS="bash \ tini \ - sudo \ traceroute \ nmap \ ca-certificates \ @@ -65,12 +65,12 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/db_data && \ diff --git a/Dockerfiles/server-mysql/alpine/Dockerfile b/Dockerfiles/server-mysql/alpine/Dockerfile index 3369b0f65..e2a8c9a7d 100644 --- a/Dockerfiles/server-mysql/alpine/Dockerfile +++ b/Dockerfiles/server-mysql/alpine/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix server with MySQL database support" \ @@ -37,11 +38,11 @@ RUN set -eux && \ INSTALL_PKGS="bash \ tini \ fping \ - sudo \ traceroute \ nmap \ tzdata \ iputils \ + libcap \ libcurl \ libevent \ libldap \ @@ -70,9 +71,9 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ adduser zabbix dialout && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /usr/lib/zabbix/alertscripts && \ diff --git a/Dockerfiles/server-mysql/centos/Dockerfile b/Dockerfiles/server-mysql/centos/Dockerfile index b4a15e5ed..c5b76b4d6 100644 --- a/Dockerfiles/server-mysql/centos/Dockerfile +++ b/Dockerfiles/server-mysql/centos/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix server with MySQL database support" \ @@ -37,7 +38,6 @@ RUN set -eux && \ REPOLIST="baseos,appstream,crb,epel" && \ INSTALL_PKGS="fping \ tini \ - sudo \ traceroute \ nmap \ file-libs \ @@ -80,12 +80,13 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root,dialout \ + -G dialout \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /usr/lib/zabbix/alertscripts && \ diff --git a/Dockerfiles/server-mysql/ol/Dockerfile b/Dockerfiles/server-mysql/ol/Dockerfile index 774036f4d..2a460c916 100644 --- a/Dockerfiles/server-mysql/ol/Dockerfile +++ b/Dockerfiles/server-mysql/ol/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix server with MySQL database support" \ @@ -38,7 +39,6 @@ RUN set -eux && \ INSTALL_PKGS="bash \ fping \ tini \ - sudo \ traceroute \ nmap \ file-libs \ @@ -75,12 +75,13 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root,dialout \ + -G dialout \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /usr/lib/zabbix/alertscripts && \ diff --git a/Dockerfiles/server-mysql/rhel/Dockerfile b/Dockerfiles/server-mysql/rhel/Dockerfile index 18325df01..b86a64436 100644 --- a/Dockerfiles/server-mysql/rhel/Dockerfile +++ b/Dockerfiles/server-mysql/rhel/Dockerfile @@ -15,7 +15,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL description="Zabbix server with MySQL database support" \ maintainer="alexey.pustovalov@zabbix.com" \ @@ -55,7 +56,6 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/mysql/create_server.sq RUN set -eux && \ INSTALL_PKGS="bash \ tini \ - sudo \ traceroute \ nmap \ fping \ @@ -110,12 +110,13 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ + -G dialout \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /usr/lib/zabbix/alertscripts && \ diff --git a/Dockerfiles/server-mysql/ubuntu/Dockerfile b/Dockerfiles/server-mysql/ubuntu/Dockerfile index 50b1cd91b..f6cbc38f3 100644 --- a/Dockerfiles/server-mysql/ubuntu/Dockerfile +++ b/Dockerfiles/server-mysql/ubuntu/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix server with MySQL database support" \ @@ -37,7 +38,6 @@ RUN set -eux && \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ INSTALL_PKGS="bash \ tini \ - sudo \ traceroute \ nmap \ tzdata \ @@ -70,12 +70,13 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root,dialout \ + -G dialout \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /usr/lib/zabbix/alertscripts && \ diff --git a/Dockerfiles/server-pgsql/alpine/Dockerfile b/Dockerfiles/server-pgsql/alpine/Dockerfile index f6b704b05..d9ed3143d 100644 --- a/Dockerfiles/server-pgsql/alpine/Dockerfile +++ b/Dockerfiles/server-pgsql/alpine/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ @@ -39,7 +40,6 @@ COPY --from=builder ["/tmp/zabbix-${ZBX_VERSION}/database/postgresql/timescaledb RUN set -eux && \ INSTALL_PKGS="bash \ tini \ - sudo \ traceroute \ nmap \ fping \ @@ -73,9 +73,9 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ adduser zabbix dialout && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /usr/lib/zabbix/alertscripts && \ diff --git a/Dockerfiles/server-pgsql/centos/Dockerfile b/Dockerfiles/server-pgsql/centos/Dockerfile index c3967b72e..2d62c231d 100644 --- a/Dockerfiles/server-pgsql/centos/Dockerfile +++ b/Dockerfiles/server-pgsql/centos/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ @@ -41,7 +42,6 @@ RUN set -eux && \ INSTALL_PKGS="fping \ file-libs \ tini \ - sudo \ traceroute \ nmap \ iputils \ @@ -83,12 +83,13 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root,dialout \ + -G dialout \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /usr/lib/zabbix/alertscripts && \ diff --git a/Dockerfiles/server-pgsql/ol/Dockerfile b/Dockerfiles/server-pgsql/ol/Dockerfile index 16c1b2e26..94c844e3b 100644 --- a/Dockerfiles/server-pgsql/ol/Dockerfile +++ b/Dockerfiles/server-pgsql/ol/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.title="Zabbix server (PostgreSQL)" \ org.opencontainers.image.authors="Alexey Pustovalov " \ @@ -41,7 +42,6 @@ RUN set -eux && \ INSTALL_PKGS="fping \ file-libs \ tini \ - sudo \ traceroute \ nmap \ iputils \ @@ -76,12 +76,13 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root,dialout \ + -G dialout \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /usr/lib/zabbix/alertscripts && \ diff --git a/Dockerfiles/server-pgsql/ubuntu/Dockerfile b/Dockerfiles/server-pgsql/ubuntu/Dockerfile index 754fd6c9e..f80b82ccf 100644 --- a/Dockerfiles/server-pgsql/ubuntu/Dockerfile +++ b/Dockerfiles/server-pgsql/ubuntu/Dockerfile @@ -13,7 +13,8 @@ ARG ZBX_SOURCES=https://git.zabbix.com/scm/zbx/zabbix.git ENV TERM=xterm \ ZBX_VERSION=${ZBX_VERSION} ZBX_SOURCES=${ZBX_SOURCES} \ - MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL + MIBDIRS=/var/lib/mibs/ietf:/var/lib/mibs/iana:/usr/share/snmp/mibs:/var/lib/zabbix/mibs MIBS=+ALL \ + NMAP_PRIVILEGED="" LABEL org.opencontainers.image.authors="Alexey Pustovalov " \ org.opencontainers.image.description="Zabbix server with PostgreSQL database support" \ @@ -40,7 +41,6 @@ RUN set -eux && \ echo "#!/bin/sh\nexit 101" > /usr/sbin/policy-rc.d && \ INSTALL_PKGS="bash \ tini \ - sudo \ traceroute \ nmap \ tzdata \ @@ -73,12 +73,13 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root,dialout \ + -G dialout \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ zabbix && \ - echo "zabbix ALL=(root) NOPASSWD: /usr/bin/nmap" >> /etc/sudoers.d/zabbix && \ + chgrp zabbix /usr/bin/nmap && \ + setcap cap_net_raw+eip /usr/bin/nmap && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ mkdir -p /usr/lib/zabbix/alertscripts && \ diff --git a/Dockerfiles/snmptraps/alpine/Dockerfile b/Dockerfiles/snmptraps/alpine/Dockerfile index 7111b8f0b..001b1415b 100644 --- a/Dockerfiles/snmptraps/alpine/Dockerfile +++ b/Dockerfiles/snmptraps/alpine/Dockerfile @@ -42,7 +42,6 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ mkdir -p /var/lib/zabbix && \ mkdir -p /var/lib/zabbix/snmptraps && \ mkdir -p /var/lib/zabbix/mibs && \ diff --git a/Dockerfiles/snmptraps/centos/Dockerfile b/Dockerfiles/snmptraps/centos/Dockerfile index 6f6f282ec..4fb6e3ed0 100644 --- a/Dockerfiles/snmptraps/centos/Dockerfile +++ b/Dockerfiles/snmptraps/centos/Dockerfile @@ -41,7 +41,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/snmptraps/ol/Dockerfile b/Dockerfiles/snmptraps/ol/Dockerfile index 7024df8dd..906ec5be8 100644 --- a/Dockerfiles/snmptraps/ol/Dockerfile +++ b/Dockerfiles/snmptraps/ol/Dockerfile @@ -41,7 +41,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/snmptraps/rhel/Dockerfile b/Dockerfiles/snmptraps/rhel/Dockerfile index f6f29cec6..b7dc45b89 100644 --- a/Dockerfiles/snmptraps/rhel/Dockerfile +++ b/Dockerfiles/snmptraps/rhel/Dockerfile @@ -63,7 +63,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/snmptraps/ubuntu/Dockerfile b/Dockerfiles/snmptraps/ubuntu/Dockerfile index c4e4fe39d..ca5592eb6 100644 --- a/Dockerfiles/snmptraps/ubuntu/Dockerfile +++ b/Dockerfiles/snmptraps/ubuntu/Dockerfile @@ -39,7 +39,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-apache-mysql/alpine/Dockerfile b/Dockerfiles/web-apache-mysql/alpine/Dockerfile index 855da82bc..886bbc58c 100644 --- a/Dockerfiles/web-apache-mysql/alpine/Dockerfile +++ b/Dockerfiles/web-apache-mysql/alpine/Dockerfile @@ -73,7 +73,6 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ mkdir -p /etc/zabbix/web/certs && \ diff --git a/Dockerfiles/web-apache-mysql/centos/Dockerfile b/Dockerfiles/web-apache-mysql/centos/Dockerfile index f42660473..a5e8dbf58 100644 --- a/Dockerfiles/web-apache-mysql/centos/Dockerfile +++ b/Dockerfiles/web-apache-mysql/centos/Dockerfile @@ -64,7 +64,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-apache-mysql/ol/Dockerfile b/Dockerfiles/web-apache-mysql/ol/Dockerfile index 4f6d326ae..1994e4a50 100644 --- a/Dockerfiles/web-apache-mysql/ol/Dockerfile +++ b/Dockerfiles/web-apache-mysql/ol/Dockerfile @@ -65,7 +65,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-apache-mysql/ubuntu/Dockerfile b/Dockerfiles/web-apache-mysql/ubuntu/Dockerfile index 411f3c6af..968b474fe 100644 --- a/Dockerfiles/web-apache-mysql/ubuntu/Dockerfile +++ b/Dockerfiles/web-apache-mysql/ubuntu/Dockerfile @@ -57,7 +57,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-apache-pgsql/alpine/Dockerfile b/Dockerfiles/web-apache-pgsql/alpine/Dockerfile index b1ed6fc96..ed85727b2 100644 --- a/Dockerfiles/web-apache-pgsql/alpine/Dockerfile +++ b/Dockerfiles/web-apache-pgsql/alpine/Dockerfile @@ -72,7 +72,6 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ mkdir -p /etc/zabbix/web/certs && \ diff --git a/Dockerfiles/web-apache-pgsql/centos/Dockerfile b/Dockerfiles/web-apache-pgsql/centos/Dockerfile index 52b8058c7..145f038ec 100644 --- a/Dockerfiles/web-apache-pgsql/centos/Dockerfile +++ b/Dockerfiles/web-apache-pgsql/centos/Dockerfile @@ -64,7 +64,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-apache-pgsql/ol/Dockerfile b/Dockerfiles/web-apache-pgsql/ol/Dockerfile index 6bd221b55..c218f922b 100644 --- a/Dockerfiles/web-apache-pgsql/ol/Dockerfile +++ b/Dockerfiles/web-apache-pgsql/ol/Dockerfile @@ -65,7 +65,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-apache-pgsql/ubuntu/Dockerfile b/Dockerfiles/web-apache-pgsql/ubuntu/Dockerfile index 06aadb9b4..aea873de9 100644 --- a/Dockerfiles/web-apache-pgsql/ubuntu/Dockerfile +++ b/Dockerfiles/web-apache-pgsql/ubuntu/Dockerfile @@ -57,7 +57,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-nginx-mysql/alpine/Dockerfile b/Dockerfiles/web-nginx-mysql/alpine/Dockerfile index f6d56f310..248123459 100644 --- a/Dockerfiles/web-nginx-mysql/alpine/Dockerfile +++ b/Dockerfiles/web-nginx-mysql/alpine/Dockerfile @@ -74,7 +74,6 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ mkdir -p /etc/zabbix/web/certs && \ diff --git a/Dockerfiles/web-nginx-mysql/centos/Dockerfile b/Dockerfiles/web-nginx-mysql/centos/Dockerfile index 2169290bb..d05cb0000 100644 --- a/Dockerfiles/web-nginx-mysql/centos/Dockerfile +++ b/Dockerfiles/web-nginx-mysql/centos/Dockerfile @@ -62,7 +62,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-nginx-mysql/ol/Dockerfile b/Dockerfiles/web-nginx-mysql/ol/Dockerfile index 4b4856d87..510589628 100644 --- a/Dockerfiles/web-nginx-mysql/ol/Dockerfile +++ b/Dockerfiles/web-nginx-mysql/ol/Dockerfile @@ -63,7 +63,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-nginx-mysql/rhel/Dockerfile b/Dockerfiles/web-nginx-mysql/rhel/Dockerfile index 5305e35af..7e8f58e43 100644 --- a/Dockerfiles/web-nginx-mysql/rhel/Dockerfile +++ b/Dockerfiles/web-nginx-mysql/rhel/Dockerfile @@ -95,7 +95,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile b/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile index e11716c4c..216ec011d 100644 --- a/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile +++ b/Dockerfiles/web-nginx-mysql/ubuntu/Dockerfile @@ -78,7 +78,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-nginx-pgsql/alpine/Dockerfile b/Dockerfiles/web-nginx-pgsql/alpine/Dockerfile index 9e81b0525..83290745a 100644 --- a/Dockerfiles/web-nginx-pgsql/alpine/Dockerfile +++ b/Dockerfiles/web-nginx-pgsql/alpine/Dockerfile @@ -73,7 +73,6 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /etc/zabbix/web && \ mkdir -p /etc/zabbix/web/certs && \ diff --git a/Dockerfiles/web-nginx-pgsql/centos/Dockerfile b/Dockerfiles/web-nginx-pgsql/centos/Dockerfile index 90ead1435..73dee1323 100644 --- a/Dockerfiles/web-nginx-pgsql/centos/Dockerfile +++ b/Dockerfiles/web-nginx-pgsql/centos/Dockerfile @@ -62,7 +62,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-nginx-pgsql/ol/Dockerfile b/Dockerfiles/web-nginx-pgsql/ol/Dockerfile index a7f1251db..e9ce576f9 100644 --- a/Dockerfiles/web-nginx-pgsql/ol/Dockerfile +++ b/Dockerfiles/web-nginx-pgsql/ol/Dockerfile @@ -63,7 +63,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile b/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile index 10fcc0d16..e8772cb43 100644 --- a/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile +++ b/Dockerfiles/web-nginx-pgsql/ubuntu/Dockerfile @@ -78,7 +78,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-service/alpine/Dockerfile b/Dockerfiles/web-service/alpine/Dockerfile index 7f811ff4f..e1215e428 100644 --- a/Dockerfiles/web-service/alpine/Dockerfile +++ b/Dockerfiles/web-service/alpine/Dockerfile @@ -49,7 +49,6 @@ RUN set -eux && \ --shell /sbin/nologin \ --home /var/lib/zabbix/ \ zabbix && \ - adduser zabbix root && \ mkdir -p /etc/zabbix && \ mkdir -p /var/lib/zabbix && \ chown --quiet -R zabbix:root /etc/zabbix/ /var/lib/zabbix/ && \ diff --git a/Dockerfiles/web-service/centos/Dockerfile b/Dockerfiles/web-service/centos/Dockerfile index 5900cec86..957ec11db 100644 --- a/Dockerfiles/web-service/centos/Dockerfile +++ b/Dockerfiles/web-service/centos/Dockerfile @@ -50,7 +50,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-service/ol/Dockerfile b/Dockerfiles/web-service/ol/Dockerfile index 86cb554b0..bf3f93034 100644 --- a/Dockerfiles/web-service/ol/Dockerfile +++ b/Dockerfiles/web-service/ol/Dockerfile @@ -51,7 +51,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-service/rhel/Dockerfile b/Dockerfiles/web-service/rhel/Dockerfile index b892014ac..1ef2526ed 100644 --- a/Dockerfiles/web-service/rhel/Dockerfile +++ b/Dockerfiles/web-service/rhel/Dockerfile @@ -79,7 +79,7 @@ RUN set -eux && \ groupadd --system --gid 1995 zabbix && \ useradd \ --system --comment "Zabbix monitoring system" \ - -g zabbix -G root \ + -g zabbix \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \ diff --git a/Dockerfiles/web-service/ubuntu/Dockerfile b/Dockerfiles/web-service/ubuntu/Dockerfile index bcac703e6..19d3a194f 100644 --- a/Dockerfiles/web-service/ubuntu/Dockerfile +++ b/Dockerfiles/web-service/ubuntu/Dockerfile @@ -57,7 +57,6 @@ RUN set -eux && \ --system \ --comment "Zabbix monitoring system" \ -g zabbix \ - -G root \ --uid 1997 \ --shell /sbin/nologin \ --home-dir /var/lib/zabbix/ \