From 39336edcf60726062b49d5f87db1ca7bf6a293c3 Mon Sep 17 00:00:00 2001
From: Dominik Meyer <dmeyer@hsu-hh.de>
Date: Tue, 23 Jan 2024 09:34:15 +0100
Subject: [PATCH] ADD: run rss2email as non root user

---
 Containerfile                | 15 +++++++++++++++
 scripts/createMSMTPconfig.sh | 14 ++++++--------
 scripts/entryPoint.sh        |  4 ++--
 3 files changed, 23 insertions(+), 10 deletions(-)

diff --git a/Containerfile b/Containerfile
index e4a413d..26b93f5 100644
--- a/Containerfile
+++ b/Containerfile
@@ -29,4 +29,19 @@ ADD scripts/entryPoint.sh /entryPoint.sh
 RUN chmod +x /entryPoint.sh
 RUN chmod +x /createMSMTPconfig.sh
 
+# we use msmtp as a dropin replacement for sendmail
+RUN rm /usr/sbin/sendmail
+RUN ln -s /usr/bin/msmtp /usr/sbin/sendmail
+
+# add a user for running rss2email in the container
+RUN addgroup rss2email && adduser -D -G rss2email rss2email
+
+RUN mkdir -p /home/rss2email/.rss2email/
+
+# ensure a homedirectory for the user exists and has correct access rights
+RUN mkdir -p /home/rss2email && chown rss2email.rss2email /home/rss2email
+
+# run everything as the rss2email user
+USER rss2email
+
 ENTRYPOINT ["/sbin/tini", "--", "/entryPoint.sh"]
\ No newline at end of file
diff --git a/scripts/createMSMTPconfig.sh b/scripts/createMSMTPconfig.sh
index d05ff7a..be4c654 100755
--- a/scripts/createMSMTPconfig.sh
+++ b/scripts/createMSMTPconfig.sh
@@ -44,7 +44,12 @@ else
     MSMTP_SMTP_PASS="dummy"
 fi
 
-cat > /etc/msmtprc <<EOF
+if [ -z $XDG_CONFIG_HOME ]; then
+    XDG_CONFIG_HOME=/home/rssemail/.config
+fi
+
+mkdir -p $XDG_CONFIG_HOME/msmtp/
+cat > $XDG_CONFIG_HOME/msmtp/config <<EOF
 defaults
 auth ${MSMTP_SMTP_AUTH}
 tls ${MSMTP_SMTP_TLS}
@@ -57,10 +62,3 @@ from ${MSMTP_SMTP_FROM}
 user ${MSMTP_SMTP_USER}
 password ${MSMTP_SMTP_PASS}
 EOF
-
-chmod 600 /etc/msmtprc
-
-
-# we use msmtp as a dropin replacement for sendmail
-rm /usr/sbin/sendmail
-ln -s /usr/bin/msmtp /usr/sbin/sendmail
diff --git a/scripts/entryPoint.sh b/scripts/entryPoint.sh
index f5f4a3b..2be9a52 100755
--- a/scripts/entryPoint.sh
+++ b/scripts/entryPoint.sh
@@ -13,7 +13,7 @@ if [ -z ${FEEDS} ]; then
     exit 255
 fi
 
-mkdir -p ~/.rss2email/
-echo ${FEEDS} > ~/.rss2email/feeds.txt
+
+echo -e ${FEEDS} > ~/.rss2email/feeds.txt
 
 /app/rss2email daemon ${RECIPIENTS}
\ No newline at end of file