Hello,

I am currently working on a project where I am being given RPM packages containing CHOWN and CHMOD in the poms. This is resulting in bloated files sizes where the final image can be around 25GB where the VM is 7GB. This is because the rpms chown the files installed by them and some system directories required for running commands as a non root user.

What is the recommendation for running zypper install commands without bloated file sizes?
Note that the POMs will change frequently but it is expected that the directory ownership will not change much at all. Is there a way to separate the permissions changes into metadata or something?

Thanks,
Dave

We are using MariaDB on physical machines, VMs and docker containers. So what we would do is:

Install mariaDB which will chown the directories to be owned by the mariadb process

RUN sudo zypper install mariadb-server

Install elasticsearch which sets up our logging solution and chowns directories to be owned by the elasticsearch process

RUN sudo zypper modifyrepo --enable elasticsearch && \
         sudo zypper install elasticsearch; \
         sudo zypper modifyrepo --disable elasticsearch 

Install jboss which sets up an API server to allow us to run management commands by JSON http request and chowns the elasticsearch and mariadb directories to be owned by a non-root user.

RUN zypper install myapplication

In order to run as ANY UID for OpenShift we must then add the root group to be able to set “I have no name!”

The problem here is that all the chowns run from zypper install/yum install/apt-get install add additional copies of the files to the docker image layer which increases the final image size. I don’t write any of the services that get installed. I don’t even have access to the application code. I just get the final built RPM package to install with zypper/yum etc.