From abc81d03a7c4f5206d5f703bfc371f7085d6a59b Mon Sep 17 00:00:00 2001
From: Joe Betz <jpbetz@google.com>
Date: Fri, 6 Oct 2017 23:29:15 -0700
Subject: [PATCH] Dockerfile: Improve file permissions for docker build images
 using bind9

/etc/init.d/bind9 is run as the 'bind' user. This fixes file permissions
for the configuration files added by the Dockerfile to match.
---
 e2e/docker-dns-srv/Dockerfile | 7 ++++---
 e2e/docker-dns/Dockerfile     | 7 ++++---
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/e2e/docker-dns-srv/Dockerfile b/e2e/docker-dns-srv/Dockerfile
index 03cf8881c..1eaf3c801 100644
--- a/e2e/docker-dns-srv/Dockerfile
+++ b/e2e/docker-dns-srv/Dockerfile
@@ -2,16 +2,17 @@ FROM golang:1.9.1-stretch
 LABEL Description="Image for etcd DNS SRV testing"
 
 RUN apt update -y \
-  && apt install -y \
+  && apt install -y -q \
   bind9 \
   dnsutils
 
-RUN mkdir /var/bind
-RUN chown bind /var/bind
+RUN mkdir -p /var/bind /etc/bind
+RUN chown root:bind /var/bind /etc/bind
 ADD Procfile /Procfile
 ADD run.sh /run.sh
 
 ADD named.conf etcd.zone rdns.zone /etc/bind/
+RUN chown root:bind /etc/bind/named.conf /etc/bind/etcd.zone /etc/bind/rdns.zone
 ADD resolv.conf /etc/resolv.conf
 
 RUN go get github.com/mattn/goreman
diff --git a/e2e/docker-dns/Dockerfile b/e2e/docker-dns/Dockerfile
index 9daf2b888..45fbda685 100644
--- a/e2e/docker-dns/Dockerfile
+++ b/e2e/docker-dns/Dockerfile
@@ -2,16 +2,17 @@ FROM golang:1.9.1-stretch
 LABEL Description="Image for etcd DNS testing"
 
 RUN apt update -y \
-  && apt install -y \
+  && apt install -y -q \
   bind9 \
   dnsutils
 
-RUN mkdir /var/bind
-RUN chown bind /var/bind
+RUN mkdir -p /var/bind /etc/bind
+RUN chown root:bind /var/bind /etc/bind
 ADD Procfile.tls /Procfile.tls
 ADD run.sh /run.sh
 
 ADD named.conf etcd.zone rdns.zone /etc/bind/
+RUN chown root:bind /etc/bind/named.conf /etc/bind/etcd.zone /etc/bind/rdns.zone
 ADD resolv.conf /etc/resolv.conf
 
 RUN go get github.com/mattn/goreman