From 0e342e2f2c57ec8ff3c2f9d4b8b1632db33ad2dc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Krist=C3=B3f=20T=C3=B3th?= <kristof.toth@avatao.com>
Date: Wed, 4 Apr 2018 17:44:14 +0200
Subject: [PATCH] Update project to comply user separation

---
 config.yml                                         | 1 +
 solvable/Dockerfile                                | 2 --
 solvable/supervisor/components/event_handlers.conf | 1 +
 3 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/config.yml b/config.yml
index df87455..d2ca46f 100644
--- a/config.yml
+++ b/config.yml
@@ -8,4 +8,5 @@ crp_config:
     controller:
         ports: ["4444/controller"]
     solvable:
+        capabilities: ["SETUID", "SETGID", "CHOWN", "AUDIT_WRITE", "DAC_OVERRIDE"]
         ports: ["8888/http"]
diff --git a/solvable/Dockerfile b/solvable/Dockerfile
index bfbb869..f2f8e3b 100644
--- a/solvable/Dockerfile
+++ b/solvable/Dockerfile
@@ -14,6 +14,4 @@ RUN chown -R ${AVATAO_USER} ${TFW_WEBIDE_WD} &&\
     chmod -R 755 ${TFW_WEBIDE_WD}
 
 VOLUME ["/home/${AVATAO_USER}"]
-USER ${AVATAO_USER}
 WORKDIR /home/${AVATAO_USER}
-
diff --git a/solvable/supervisor/components/event_handlers.conf b/solvable/supervisor/components/event_handlers.conf
index 0a95566..93fd749 100644
--- a/solvable/supervisor/components/event_handlers.conf
+++ b/solvable/supervisor/components/event_handlers.conf
@@ -1,3 +1,4 @@
 [program:event_handler_main]
+user=root
 directory=%(ENV_TFW_APP_DIR)s
 command=python3 event_handler_main.py