From 52f68cd30153d53068a88fbdd3af9c0e9c3b64de Mon Sep 17 00:00:00 2001 From: Doiiars Date: Tue, 14 Nov 2023 21:16:36 +0800 Subject: [PATCH] =?UTF-8?q?=E4=B8=BADockerfile=E5=A2=9E=E5=8A=A0=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E7=AE=A1=E7=90=86=EF=BC=8C=E9=81=BF=E5=85=8D=E9=95=9C?= =?UTF-8?q?=E5=83=8F=E4=BB=A5root=E7=94=A8=E6=88=B7=E8=BF=90=E8=A1=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 为Dockerfile增加用户管理,避免镜像以root用户运行 --- docs/GithubAction+AllCapacity | 6 ++++++ docs/GithubAction+ChatGLM+Moss | 7 +++++++ docs/GithubAction+JittorLLMs | 7 +++++++ docs/GithubAction+NoLocal | 6 ++++++ docs/GithubAction+NoLocal+AudioAssistant | 6 ++++++ docs/GithubAction+NoLocal+Latex | 6 ++++++ 6 files changed, 38 insertions(+) diff --git a/docs/GithubAction+AllCapacity b/docs/GithubAction+AllCapacity index 4ba0e31a9e..a8c6c3f6e3 100644 --- a/docs/GithubAction+AllCapacity +++ b/docs/GithubAction+AllCapacity @@ -3,6 +3,9 @@ # 从NVIDIA源,从而支持显卡(检查宿主的nvidia-smi中的cuda版本必须>=11.3) FROM fuqingxu/11.3.1-runtime-ubuntu20.04-with-texlive:latest +# 创建非root用户 +RUN useradd -ms /bin/bash gpt_academic + # use python3 as the system default python WORKDIR /gpt RUN curl -sS https://bootstrap.pypa.io/get-pip.py | python3.8 @@ -32,5 +35,8 @@ RUN python3 -m pip install nougat-ocr # 预热Tiktoken模块 RUN python3 -c 'from check_proxy import warm_up_modules; warm_up_modules()' +# 切换到非root用户 +USER gpt_academic + # 启动 CMD ["python3", "-u", "main.py"] diff --git a/docs/GithubAction+ChatGLM+Moss b/docs/GithubAction+ChatGLM+Moss index 3212dc2f4d..b38e671315 100644 --- a/docs/GithubAction+ChatGLM+Moss +++ b/docs/GithubAction+ChatGLM+Moss @@ -1,6 +1,10 @@ # 从NVIDIA源,从而支持显卡运损(检查宿主的nvidia-smi中的cuda版本必须>=11.3) FROM nvidia/cuda:11.3.1-runtime-ubuntu20.04 + +# 创建非root用户 +RUN useradd -ms /bin/bash gpt_academic + RUN apt-get update RUN apt-get install -y curl proxychains curl gcc RUN apt-get install -y git python python3 python-dev python3-dev --fix-missing @@ -26,5 +30,8 @@ RUN python3 -m pip install -r request_llms/requirements_newbing.txt # 预热Tiktoken模块 RUN python3 -c 'from check_proxy import warm_up_modules; warm_up_modules()' +# 切换到非root用户 +USER gpt_academic + # 启动 CMD ["python3", "-u", "main.py"] diff --git a/docs/GithubAction+JittorLLMs b/docs/GithubAction+JittorLLMs index 189eb24431..43c0500286 100644 --- a/docs/GithubAction+JittorLLMs +++ b/docs/GithubAction+JittorLLMs @@ -1,6 +1,10 @@ # 从NVIDIA源,从而支持显卡运损(检查宿主的nvidia-smi中的cuda版本必须>=11.3) FROM nvidia/cuda:11.3.1-runtime-ubuntu20.04 ARG useProxyNetwork='' + +# 创建非root用户 +RUN useradd -ms /bin/bash gpt_academic + RUN apt-get update RUN apt-get install -y curl proxychains curl g++ RUN apt-get install -y git python python3 python-dev python3-dev --fix-missing @@ -30,5 +34,8 @@ RUN git pull # 预热Tiktoken模块 RUN python3 -c 'from check_proxy import warm_up_modules; warm_up_modules()' +# 切换到非root用户 +USER gpt_academic + # 启动 CMD ["python3", "-u", "main.py"] diff --git a/docs/GithubAction+NoLocal b/docs/GithubAction+NoLocal index 5c49b94812..705071213c 100644 --- a/docs/GithubAction+NoLocal +++ b/docs/GithubAction+NoLocal @@ -3,6 +3,9 @@ # 如何运行: docker run --rm -it --net=host gpt-academic-nolocal FROM python:3.11 +# 创建非root用户 +RUN useradd -ms /bin/bash gpt_academic + # 指定路径 WORKDIR /gpt @@ -16,5 +19,8 @@ RUN pip3 install -r requirements.txt # 可选步骤,用于预热模块 RUN python3 -c 'from check_proxy import warm_up_modules; warm_up_modules()' +# 切换到非root用户 +USER gpt_academic + # 启动 CMD ["python3", "-u", "main.py"] diff --git a/docs/GithubAction+NoLocal+AudioAssistant b/docs/GithubAction+NoLocal+AudioAssistant index 9ea1ea5463..cdd35d8970 100644 --- a/docs/GithubAction+NoLocal+AudioAssistant +++ b/docs/GithubAction+NoLocal+AudioAssistant @@ -3,6 +3,9 @@ # 如何运行: docker run --rm -it --net=host gpt-academic-nolocal FROM python:3.11 +# 创建非root用户 +RUN useradd -ms /bin/bash gpt_academic + # 指定路径 WORKDIR /gpt @@ -18,5 +21,8 @@ RUN pip3 install pyOpenSSL scipy git+https://github.com/aliyun/alibabacloud-nls- # 可选步骤,用于预热模块 RUN python3 -c 'from check_proxy import warm_up_modules; warm_up_modules()' +# 切换到非root用户 +USER gpt_academic + # 启动 CMD ["python3", "-u", "main.py"] diff --git a/docs/GithubAction+NoLocal+Latex b/docs/GithubAction+NoLocal+Latex index be9fda291c..cc96c00dea 100644 --- a/docs/GithubAction+NoLocal+Latex +++ b/docs/GithubAction+NoLocal+Latex @@ -10,6 +10,9 @@ ENV PATH "$PATH:/usr/local/texlive/2024/bin/x86_64-linux" ENV PATH "$PATH:/usr/local/texlive/2025/bin/x86_64-linux" ENV PATH "$PATH:/usr/local/texlive/2026/bin/x86_64-linux" +# 创建非root用户 +RUN useradd -ms /bin/bash gpt_academic + # 指定路径 WORKDIR /gpt @@ -28,5 +31,8 @@ RUN pip3 install -r requirements.txt # 可选步骤,用于预热模块 RUN python3 -c 'from check_proxy import warm_up_modules; warm_up_modules()' +# 切换到非root用户 +USER gpt_academic + # 启动 CMD ["python3", "-u", "main.py"]