From 92d6b505498034d83f766ed5d3c9d0104dcc977e Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata@redhat.com>
Date: Tue, 4 Jun 2024 18:24:11 -0500
Subject: [PATCH] Fix default config file owners in container image

The Dockerfile has been updated to ensure that the instance
files (including the default config files) in the container
image are owned by pkiuser:root so that they can be accessed
properly at runtime.
---
 Dockerfile | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index f224ad62c87..6ce7a124352 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -173,7 +173,7 @@ RUN cp -r /conf /var/lib/pki/pki-tomcat/conf.default
 
 # Grant the root group the full access to PKI server files
 # https://www.openshift.com/blog/jupyter-on-openshift-part-6-running-as-an-assigned-user-id
-RUN chgrp -Rf root /var/lib/pki/pki-tomcat
+RUN chown -Rf pkiuser:root /var/lib/pki/pki-tomcat
 RUN chmod -Rf g+rw /var/lib/pki/pki-tomcat
 
 VOLUME [ "/certs", "/conf", "/logs" ]
@@ -206,7 +206,7 @@ RUN cp -r /conf/* /var/lib/pki/pki-tomcat/conf.default
 
 # Grant the root group the full access to PKI server files
 # https://www.openshift.com/blog/jupyter-on-openshift-part-6-running-as-an-assigned-user-id
-RUN chgrp -Rf root /var/lib/pki/pki-tomcat
+RUN chown -Rf pkiuser:root /var/lib/pki/pki-tomcat
 RUN chmod -Rf g+rw /var/lib/pki/pki-tomcat
 
 CMD [ "/usr/share/pki/ca/bin/pki-ca-run" ]
@@ -237,7 +237,7 @@ RUN cp -r /conf/* /var/lib/pki/pki-tomcat/conf.default
 
 # Grant the root group the full access to PKI server files
 # https://www.openshift.com/blog/jupyter-on-openshift-part-6-running-as-an-assigned-user-id
-RUN chgrp -Rf root /var/lib/pki/pki-tomcat
+RUN chown -Rf pkiuser:root /var/lib/pki/pki-tomcat
 RUN chmod -Rf g+rw /var/lib/pki/pki-tomcat
 
 CMD [ "/usr/share/pki/kra/bin/pki-kra-run" ]
@@ -268,7 +268,7 @@ RUN cp -r /conf/* /var/lib/pki/pki-tomcat/conf.default
 
 # Grant the root group the full access to PKI server files
 # https://www.openshift.com/blog/jupyter-on-openshift-part-6-running-as-an-assigned-user-id
-RUN chgrp -Rf root /var/lib/pki/pki-tomcat
+RUN chown -Rf pkiuser:root /var/lib/pki/pki-tomcat
 RUN chmod -Rf g+rw /var/lib/pki/pki-tomcat
 
 CMD [ "/usr/share/pki/ocsp/bin/pki-ocsp-run" ]
@@ -317,7 +317,7 @@ RUN cp -r /conf/* /var/lib/pki/pki-tomcat/conf.default
 
 # Grant the root group the full access to PKI ACME files
 # https://www.openshift.com/blog/jupyter-on-openshift-part-6-running-as-an-assigned-user-id
-RUN chgrp -Rf root /var/lib/pki/pki-tomcat
+RUN chown -Rf pkiuser:root /var/lib/pki/pki-tomcat
 RUN chmod -Rf g+rw /var/lib/pki/pki-tomcat
 
 VOLUME [ \