disable password for sudo on legacy distribs

* new distribs have all switched to use new crypt scheme for passwords
* so passwords can no longer be checked on legacy containers
* as a workaround, allow sudo to be run wihout asking for password.
* this is not a security hole, as anyone with docker privileges can
  already modify any files owned by root.
This commit is contained in:
Gilles Grandou 2022-08-09 16:43:25 +02:00
parent 7498c87fe4
commit badb4879b0

View File

@ -20,7 +20,7 @@ dockerfile =
FROM centos:7 FROM centos:7
RUN yum install sudo -y RUN yum install sudo -y
RUN echo "Defaults lecture = never" >> /etc/sudoers RUN echo "Defaults lecture = never" >> /etc/sudoers
RUN echo "ALL ALL=(ALL) ALL" >> /etc/sudoers RUN echo "ALL ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
pkginstall = RUN yum install {} -y pkginstall = RUN yum install {} -y
packages = ksh csh xterm xorg-x11-apps xkeyboard-config git glibc-devel gtk2 gtk3 alsa-lib python2 python3 bash-completion packages = ksh csh xterm xorg-x11-apps xkeyboard-config git glibc-devel gtk2 gtk3 alsa-lib python2 python3 bash-completion
@ -31,7 +31,7 @@ dockerfile =
RUN yum config-manager --set-enabled powertools -y RUN yum config-manager --set-enabled powertools -y
RUN yum install sudo -y RUN yum install sudo -y
RUN echo "Defaults lecture = never" >> /etc/sudoers RUN echo "Defaults lecture = never" >> /etc/sudoers
RUN echo "ALL ALL=(ALL) ALL" >> /etc/sudoers RUN echo "ALL ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
pkginstall = RUN yum install {} -y pkginstall = RUN yum install {} -y
packages = ksh csh xterm xorg-x11-apps xkeyboard-config git glibc-devel gtk2 gtk3 alsa-lib python2 python3 bash-completion packages = ksh csh xterm xorg-x11-apps xkeyboard-config git glibc-devel gtk2 gtk3 alsa-lib python2 python3 bash-completion
@ -41,8 +41,10 @@ dockerfile =
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update RUN apt-get update
RUN apt-get -y install apt-utils RUN apt-get -y install apt-utils
RUN apt-get -y upgrade
RUN apt-get -y install sudo RUN apt-get -y install sudo
RUN echo "Defaults lecture = never" >> /etc/sudoers RUN echo "Defaults lecture = never" >> /etc/sudoers
RUN echo "ALL ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
pkginstall = RUN apt-get -y install {} pkginstall = RUN apt-get -y install {}
packages = ksh csh xterm x11-apps build-essential git libgtk2.0 libgtk-3-0 bash-completion packages = ksh csh xterm x11-apps build-essential git libgtk2.0 libgtk-3-0 bash-completion
@ -52,8 +54,10 @@ dockerfile =
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update RUN apt-get update
RUN apt-get -y install apt-utils RUN apt-get -y install apt-utils
RUN apt-get -y upgrade
RUN apt-get -y install sudo RUN apt-get -y install sudo
RUN echo "Defaults lecture = never" >> /etc/sudoers RUN echo "Defaults lecture = never" >> /etc/sudoers
RUN echo "ALL ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
pkginstall = RUN apt-get -y install {} pkginstall = RUN apt-get -y install {}
packages = ksh csh xterm x11-apps build-essential git libgtk2.0 libgtk-3-0 bash-completion packages = ksh csh xterm x11-apps build-essential git libgtk2.0 libgtk-3-0 bash-completion
@ -63,8 +67,10 @@ dockerfile =
ARG DEBIAN_FRONTEND=noninteractive ARG DEBIAN_FRONTEND=noninteractive
RUN apt-get update RUN apt-get update
RUN apt-get -y install apt-utils RUN apt-get -y install apt-utils
RUN apt-get -y upgrade
RUN apt-get -y install sudo RUN apt-get -y install sudo
RUN echo "Defaults lecture = never" >> /etc/sudoers RUN echo "Defaults lecture = never" >> /etc/sudoers
RUN echo "ALL ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
pkginstall = RUN apt-get -y install {} pkginstall = RUN apt-get -y install {}
packages = ksh csh xterm x11-apps build-essential git libgtk2.0 libgtk-3-0 bash-completion packages = ksh csh xterm x11-apps build-essential git libgtk2.0 libgtk-3-0 bash-completion