summaryrefslogtreecommitdiffstats
path: root/security/nss/automation/taskcluster/docker-decision
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/automation/taskcluster/docker-decision')
-rw-r--r--security/nss/automation/taskcluster/docker-decision/Dockerfile3
-rw-r--r--security/nss/automation/taskcluster/docker-decision/bin/checkout.sh5
2 files changed, 5 insertions, 3 deletions
diff --git a/security/nss/automation/taskcluster/docker-decision/Dockerfile b/security/nss/automation/taskcluster/docker-decision/Dockerfile
index 473ce64ba..35777c0b7 100644
--- a/security/nss/automation/taskcluster/docker-decision/Dockerfile
+++ b/security/nss/automation/taskcluster/docker-decision/Dockerfile
@@ -12,9 +12,6 @@ RUN chmod +x /home/worker/bin/*
ADD setup.sh /tmp/setup.sh
RUN bash /tmp/setup.sh
-# Change user.
-USER worker
-
# Env variables.
ENV HOME /home/worker
ENV SHELL /bin/bash
diff --git a/security/nss/automation/taskcluster/docker-decision/bin/checkout.sh b/security/nss/automation/taskcluster/docker-decision/bin/checkout.sh
index 0cdd2ac40..9167f6bda 100644
--- a/security/nss/automation/taskcluster/docker-decision/bin/checkout.sh
+++ b/security/nss/automation/taskcluster/docker-decision/bin/checkout.sh
@@ -2,6 +2,11 @@
set -v -e -x
+if [ $(id -u) = 0 ]; then
+ # Drop privileges by re-running this script.
+ exec su worker $0
+fi
+
# Default values for testing.
REVISION=${NSS_HEAD_REVISION:-default}
REPOSITORY=${NSS_HEAD_REPOSITORY:-https://hg.mozilla.org/projects/nss}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-29 14:09:33 +0000