From 85648d5916189405486f7061d89fc057aa80cd63 Mon Sep 17 00:00:00 2001 From: Geoff Bourne Date: Sun, 1 Jun 2025 10:04:37 -0500 Subject: [PATCH] Remove all use of sudoers file (#3477) --- Dockerfile | 2 -- bin/mc-send-to-console | 5 +++-- docs/commands.md | 2 +- files/auto/stop.sh | 7 ++----- files/sudoers-mc | 1 - 5 files changed, 6 insertions(+), 11 deletions(-) delete mode 100644 files/sudoers-mc diff --git a/Dockerfile b/Dockerfile index 3b0295bd..4c76ae88 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,8 +19,6 @@ RUN --mount=target=/build,source=build \ RUN --mount=target=/build,source=build \ /build/run.sh setup-user -COPY --chmod=644 files/sudoers* /etc/sudoers.d - EXPOSE 25565 ARG APPS_REV=1 diff --git a/bin/mc-send-to-console b/bin/mc-send-to-console index 19b6deeb..a4f2e7c0 100755 --- a/bin/mc-send-to-console +++ b/bin/mc-send-to-console @@ -17,8 +17,9 @@ if [ ! -p "${CONSOLE_IN_NAMED_PIPE}" ]; then exit 1 fi -if [ "$(id -u)" = 0 -a $UID != 0 ]; then - exec $(getSudoFromDistro) minecraft bash -c "echo '$*' > '${CONSOLE_IN_NAMED_PIPE}'" +if [[ "$(id -u)" = 0 ]] && [[ $UID != 0 ]]; then + error "Exec needs to be run with user ID $UID" + exit 2 else echo "$@" >"${CONSOLE_IN_NAMED_PIPE}" fi diff --git a/docs/commands.md b/docs/commands.md index 1eccf1e8..0a682076 100644 --- a/docs/commands.md +++ b/docs/commands.md @@ -24,7 +24,7 @@ _The `-i` is not needed in this case._ If rcon is disabled you can send commands by passing them as arguments to the packaged `mc-send-to-console` script after setting the env var `CREATE_CONSOLE_IN_PIPE` to "true". For example, a player can be op'ed in the container `mc` with: ```shell -docker exec mc mc-send-to-console op player +docker exec --user 1000 mc mc-send-to-console op player | | +- container name +- Minecraft commands start here ``` diff --git a/files/auto/stop.sh b/files/auto/stop.sh index 7a559f6b..0ae9f446 100644 --- a/files/auto/stop.sh +++ b/files/auto/stop.sh @@ -6,8 +6,5 @@ if isTrue "${DEBUG_AUTOSTOP}"; then fi logAutostopAction "Stopping Java process" -if isTrue "${AUTOSTOP_PKILL_USE_SUDO:-false}"; then - sudo pkill -f --signal SIGTERM mc-server-runner -else - pkill -f --signal SIGTERM mc-server-runner -fi +pkill -f --signal SIGTERM mc-server-runner + diff --git a/files/sudoers-mc b/files/sudoers-mc deleted file mode 100644 index e928c4d7..00000000 --- a/files/sudoers-mc +++ /dev/null @@ -1 +0,0 @@ -minecraft ALL=(ALL) NOPASSWD:/usr/bin/pkill