Skip to content

Commit 5e101da

Browse files
docwho2docwho2
committed
TTS-3569 Fix freshclam definition permissions
1 parent 4778f8d commit 5e101da

File tree

1 file changed

+4
-2
lines changed

1 file changed

+4
-2
lines changed

cdk/Dockerfile

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,10 @@ RUN dnf install -y \
1313
# Refresh definitions during the image build so the Lambda has no runtime
1414
# dependency on internet access for virus database updates.
1515
RUN mkdir -p /var/task/clamav_defs && \
16-
chmod -R 755 /var/task/clamav_defs && \
17-
freshclam --stdout --datadir=/var/task/clamav_defs
16+
chown 999:999 /var/task/clamav_defs && \
17+
chmod 775 /var/task/clamav_defs && \
18+
freshclam --stdout --datadir=/var/task/clamav_defs && \
19+
chmod -R a+rX /var/task/clamav_defs
1820

1921
# Copy Lambda function JAR into the image.
2022
COPY lambda-jar/lambda-1.0.jar ${LAMBDA_TASK_ROOT}/lib/

0 commit comments

Comments
 (0)