From a2279245950787747ce701bf2fd41fcd01c4da60 Mon Sep 17 00:00:00 2001
From: Dmitry Maksyoma
Date: Thu, 2 Sep 2021 00:07:54 +1200
Subject: [PATCH] build-deb: docker user inside images shouldn't have uid of 0
---
 builder/build-deb | 6 ++++--
 builder/dockerfile.debian_bullseye.deb.build | 9 +++++++--
 builder/dockerfile.debian_buster.deb.build | 9 +++++++--
 builder/dockerfile.kali_kali-rolling.deb.build | 9 +++++++--
 ...ckerfile.ubuntu_bionic+libjpeg-turbo_latest.deb.build | 9 +++++++--
 builder/dockerfile.ubuntu_bionic.deb.build | 9 +++++++--
 builder/dockerfile.ubuntu_focal.deb.build | 9 +++++++--
 7 files changed, 46 insertions(+), 14 deletions(-)
diff --git a/builder/build-deb b/builder/build-deb
index f790123..e2e1093 100755
--- a/builder/build-deb
+++ b/builder/build-deb
@@ -5,14 +5,16 @@ set -e
 cd "$(dirname "$0")/.."
 . builder/os_ver_cli.sh
+L_UID=$(id -u) #Ubuntu already has UID env var, but this should work on all Linix systems
+L_GID=$(id -g)
+
 builder_image=debbuilder_${os}:${os_codename}${build_tag_for_images}
 docker build --build-arg KASMVNC_PACKAGE_DIR="builder/build/${os_codename}" \
+ --build-arg L_UID="$L_UID" \
 -t "$builder_image" -f \
 builder/dockerfile.${os}_${os_codename}${build_tag}.deb.build .
 deb_output_dir=$(cd .. && echo $PWD)
-L_UID=$(id -u) #Ubuntu already has UID env var, but this should work on all Linix systems
-L_GID=$(id -g)
 docker run --rm -v "$deb_output_dir":/src -e BUILD_TAG="$build_tag" \
 --user "$L_UID:$L_GID" \
 "$builder_image" /bin/bash -c \
diff --git a/builder/dockerfile.debian_bullseye.deb.build b/builder/dockerfile.debian_bullseye.deb.build
index 98d2281..51bde4f 100644
--- a/builder/dockerfile.debian_bullseye.deb.build
+++ b/builder/dockerfile.debian_bullseye.deb.build
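Review bot: In builder/build-deb the unchanged `--user "$L_UID:$L_GID"` on `docker run` overrides the image's `USER docker`, so when the script is run as root the container process still runs as 0:0 even though the image no longer creates a uid-0 user. If that is intended (presumably so files written to the `/src` bind mount keep the caller's ownership), record it in a comment above the command, e.g. `# --user overrides USER docker; when run as root the build still runs as 0:0`; otherwise omit `--user` when `$L_UID` is 0. The `docker run` command continues past the end of the hunk.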
@@ -9,6 +9,11 @@ RUN apt-get update && \
 COPY ./debian/control /tmp
 RUN apt-get update && echo YYY | mk-build-deps --install --remove /tmp/control
-RUN useradd -m docker -u 1000
+ARG L_UID
+RUN if [ "$L_UID" -eq 0 ]; then \
+ useradd -m docker; \
+ else \
+ useradd -m docker -u $L_UID;\
+ fi
-USER 1000
+USER docker
diff --git a/builder/dockerfile.debian_buster.deb.build b/builder/dockerfile.debian_buster.deb.build
index c9100be..eb3a6bf 100644
--- a/builder/dockerfile.debian_buster.deb.build
+++ b/builder/dockerfile.debian_buster.deb.build
@@ -9,6 +9,11 @@ RUN apt-get update && \
 COPY ./debian/control /tmp
 RUN apt-get update && echo YYY | mk-build-deps --install --remove /tmp/control
-RUN useradd -m docker -u 1000
+ARG L_UID
+RUN if [ "$L_UID" -eq 0 ]; then \
+ useradd -m docker; \
+ else \
+ useradd -m docker -u $L_UID;\
+ fi
-USER 1000
+USER docker
diff --git a/builder/dockerfile.kali_kali-rolling.deb.build b/builder/dockerfile.kali_kali-rolling.deb.build
index 96b71cd..6d0ed1b 100644
--- a/builder/dockerfile.kali_kali-rolling.deb.build
+++ b/builder/dockerfile.kali_kali-rolling.deb.build
@@ -9,6 +9,11 @@ RUN apt-get update && \
 COPY ./debian/control /tmp
 RUN apt-get update && echo YYY | mk-build-deps --install --remove /tmp/control
-RUN useradd -m docker -u 1000
+ARG L_UID
+RUN if [ "$L_UID" -eq 0 ]; then \
+ useradd -m docker; \
+ else \
+ useradd -m docker -u $L_UID;\
+ fi
-USER 1000
+USER docker
diff --git a/builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.deb.build b/builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.deb.build
index ff0515c..ab88621 100644
--- a/builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.deb.build
+++ b/builder/dockerfile.ubuntu_bionic+libjpeg-turbo_latest.deb.build
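Review bot: `ARG L_UID` in builder/dockerfile.debian_bullseye.deb.build has no default, so a build that omits `--build-arg L_UID` makes `[ "$L_UID" -eq 0 ]` fail on an empty string and fall through to `useradd -m docker -u` with no uid, which breaks the build. Declaring `ARG L_UID=1000` keeps the previous uid as the fallback, and quoting the expansion, `useradd -m docker -u "$L_UID";\`, stops a malformed value from being word-split into extra useradd arguments. The same lines appear in the debian_buster, kali_kali-rolling, ubuntu_bionic+libjpeg-turbo_latest, ubuntu_bionic and ubuntu_focal hunks.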
@@ -13,6 +13,11 @@ RUN apt-get update && echo YYY | mk-build-deps --install --remove /tmp/control
 ENV LD_LIBRARY_PATH="/opt/libjpeg-turbo/lib64/:$LD_LIBRARY_PATH"
-RUN useradd -m docker -u 1000
+ARG L_UID
+RUN if [ "$L_UID" -eq 0 ]; then \
+ useradd -m docker; \
+ else \
+ useradd -m docker -u $L_UID;\
+ fi
-USER 1000
+USER docker
diff --git a/builder/dockerfile.ubuntu_bionic.deb.build b/builder/dockerfile.ubuntu_bionic.deb.build
index 13a4e2b..a554ecb 100644
--- a/builder/dockerfile.ubuntu_bionic.deb.build
+++ b/builder/dockerfile.ubuntu_bionic.deb.build
@@ -7,6 +7,11 @@ RUN apt-get update && \
 COPY ./debian/control /tmp
 RUN apt-get update && echo YYY | mk-build-deps --install --remove /tmp/control
-RUN useradd -m docker -u 1000
+ARG L_UID
+RUN if [ "$L_UID" -eq 0 ]; then \
+ useradd -m docker; \
+ else \
+ useradd -m docker -u $L_UID;\
+ fi
-USER 1000
+USER docker
diff --git a/builder/dockerfile.ubuntu_focal.deb.build b/builder/dockerfile.ubuntu_focal.deb.build
index 456ad7b..8a4db12 100644
--- a/builder/dockerfile.ubuntu_focal.deb.build
+++ b/builder/dockerfile.ubuntu_focal.deb.build
@@ -9,6 +9,11 @@ RUN apt-get update && \
 COPY ./debian/control /tmp
 RUN apt-get update && echo YYY | mk-build-deps --install --remove /tmp/control
-RUN useradd -m docker -u 1000
+ARG L_UID
+RUN if [ "$L_UID" -eq 0 ]; then \
+ useradd -m docker; \
+ else \
+ useradd -m docker -u $L_UID;\
+ fi
-USER 1000
+USER docker