Add missing updates to rebased files

Author: kabicin

releases/22.0.0.12/full/Dockerfile.ubi.ibmjava8

@@ -80,15 +80,41 @@ RUN mkdir /logs \
     && mkdir /etc/wlp \
     && chown -R 1001:0 /etc/wlp \
     && chmod -R g+rw /etc/wlp \
-    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /config/configDropins/defaults/open-default-port.xml
+    && mkdir -p /opt/ol/links \
+    && chown -R 1001:0 /opt/ol/links \
+    && chmod -R g+rw /opt/ol/links
+
+# Create second-level symlinks as non-root user
+USER 1001
+
+RUN mkdir -p $WLP_OUTPUT_DIR/defaultServer \
+    && ln -s $WLP_OUTPUT_DIR/defaultServer /opt/ol/links/output \
+    && ln -s /opt/ol/wlp/usr/servers/defaultServer /opt/ol/links/config \
+    && mkdir -p /opt/ol/links/config/configDropins/defaults \
+    && mkdir -p /opt/ol/links/config/configDropins/overrides \
+    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /opt/ol/links/config/configDropins/defaults/open-default-port.xml
+
+# Create first-level symlinks as root user
+USER 0
+
+RUN ln -s /opt/ol/links/output /output \
+    && ln -s /opt/ol/links/config /config \
+    && chown -R 1001:0 /opt/ol/links/output \
+    && chmod -R g+rw /opt/ol/links/output \
+    && chown -R 1001:0 /opt/ol/links/config \
+    && chmod -R g+rw /opt/ol/links/config \
+    && chown -R 1001:0 /config \
+    && chmod -R g+rw /config \
+    && chown -R 1001:0 /output \
+    && chmod -R g+rw /output
 
 # Create a new SCC layer
 RUN if [ "$OPENJ9_SCC" = "true" ]; then populate_scc.sh; fi \
     && rm -rf /output/messaging /output/resources/security /logs/* $WLP_OUTPUT_DIR/.classCache \
     && chown -R 1001:0 /opt/ol/wlp/output \
     && chmod -R g+rwx /opt/ol/wlp/output
 
-#These settings are needed so that we can run as a different user than 1001 after server warmup
+# These settings are needed so that we can run as a different user than 1001 after server warmup
 ENV RANDFILE=/tmp/.rnd \
     IBM_JAVA_OPTIONS="-Xshareclasses:name=liberty,readonly,nonfatal,cacheDir=/output/.classCache/ -Dosgi.checkConfiguration=false ${IBM_JAVA_OPTIONS}"
 

releases/22.0.0.12/full/Dockerfile.ubi.openjdk11

@@ -80,15 +80,41 @@ RUN mkdir /logs \
     && mkdir /etc/wlp \
     && chown -R 1001:0 /etc/wlp \
     && chmod -R g+rw /etc/wlp \
-    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /config/configDropins/defaults/open-default-port.xml
+    && mkdir -p /opt/ol/links \
+    && chown -R 1001:0 /opt/ol/links \
+    && chmod -R g+rw /opt/ol/links
+
+# Create second-level symlinks as non-root user
+USER 1001
+
+RUN mkdir -p $WLP_OUTPUT_DIR/defaultServer \
+    && ln -s $WLP_OUTPUT_DIR/defaultServer /opt/ol/links/output \
+    && ln -s /opt/ol/wlp/usr/servers/defaultServer /opt/ol/links/config \
+    && mkdir -p /opt/ol/links/config/configDropins/defaults \
+    && mkdir -p /opt/ol/links/config/configDropins/overrides \
+    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /opt/ol/links/config/configDropins/defaults/open-default-port.xml
+
+# Create first-level symlinks as root user
+USER 0
+
+RUN ln -s /opt/ol/links/output /output \
+    && ln -s /opt/ol/links/config /config \
+    && chown -R 1001:0 /opt/ol/links/output \
+    && chmod -R g+rw /opt/ol/links/output \
+    && chown -R 1001:0 /opt/ol/links/config \
+    && chmod -R g+rw /opt/ol/links/config \
+    && chown -R 1001:0 /config \
+    && chmod -R g+rw /config \
+    && chown -R 1001:0 /output \
+    && chmod -R g+rw /output
 
 # Create a new SCC layer
 RUN if [ "$OPENJ9_SCC" = "true" ]; then populate_scc.sh; fi \
     && rm -rf /output/messaging /output/resources/security /logs/* $WLP_OUTPUT_DIR/.classCache \
     && chown -R 1001:0 /opt/ol/wlp/output \
     && chmod -R g+rwx /opt/ol/wlp/output
 
-#These settings are needed so that we can run as a different user than 1001 after server warmup
+# These settings are needed so that we can run as a different user than 1001 after server warmup
 ENV RANDFILE=/tmp/.rnd \
     OPENJ9_JAVA_OPTIONS="-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal -Dosgi.checkConfiguration=false"
 

releases/22.0.0.12/full/Dockerfile.ubi.openjdk17

@@ -80,15 +80,41 @@ RUN mkdir /logs \
     && mkdir /etc/wlp \
     && chown -R 1001:0 /etc/wlp \
     && chmod -R g+rw /etc/wlp \
-    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /config/configDropins/defaults/open-default-port.xml
+    && mkdir -p /opt/ol/links \
+    && chown -R 1001:0 /opt/ol/links \
+    && chmod -R g+rw /opt/ol/links
+
+# Create second-level symlinks as non-root user
+USER 1001
+
+RUN mkdir -p $WLP_OUTPUT_DIR/defaultServer \
+    && ln -s $WLP_OUTPUT_DIR/defaultServer /opt/ol/links/output \
+    && ln -s /opt/ol/wlp/usr/servers/defaultServer /opt/ol/links/config \
+    && mkdir -p /opt/ol/links/config/configDropins/defaults \
+    && mkdir -p /opt/ol/links/config/configDropins/overrides \
+    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /opt/ol/links/config/configDropins/defaults/open-default-port.xml
+
+# Create first-level symlinks as root user
+USER 0
+
+RUN ln -s /opt/ol/links/output /output \
+    && ln -s /opt/ol/links/config /config \
+    && chown -R 1001:0 /opt/ol/links/output \
+    && chmod -R g+rw /opt/ol/links/output \
+    && chown -R 1001:0 /opt/ol/links/config \
+    && chmod -R g+rw /opt/ol/links/config \
+    && chown -R 1001:0 /config \
+    && chmod -R g+rw /config \
+    && chown -R 1001:0 /output \
+    && chmod -R g+rw /output
 
 # Create a new SCC layer
 RUN if [ "$OPENJ9_SCC" = "true" ]; then populate_scc.sh; fi \
     && rm -rf /output/messaging /output/resources/security /logs/* $WLP_OUTPUT_DIR/.classCache \
     && chown -R 1001:0 /opt/ol/wlp/output \
     && chmod -R g+rwx /opt/ol/wlp/output
 
-#These settings are needed so that we can run as a different user than 1001 after server warmup
+# These settings are needed so that we can run as a different user than 1001 after server warmup
 ENV RANDFILE=/tmp/.rnd \
     OPENJ9_JAVA_OPTIONS="-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal -Dosgi.checkConfiguration=false"
 

releases/22.0.0.12/full/Dockerfile.ubi.openjdk8

@@ -80,15 +80,41 @@ RUN mkdir /logs \
     && mkdir /etc/wlp \
     && chown -R 1001:0 /etc/wlp \
     && chmod -R g+rw /etc/wlp \
-    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /config/configDropins/defaults/open-default-port.xml
+    && mkdir -p /opt/ol/links \
+    && chown -R 1001:0 /opt/ol/links \
+    && chmod -R g+rw /opt/ol/links
+
+# Create second-level symlinks as non-root user
+USER 1001
+
+RUN mkdir -p $WLP_OUTPUT_DIR/defaultServer \
+    && ln -s $WLP_OUTPUT_DIR/defaultServer /opt/ol/links/output \
+    && ln -s /opt/ol/wlp/usr/servers/defaultServer /opt/ol/links/config \
+    && mkdir -p /opt/ol/links/config/configDropins/defaults \
+    && mkdir -p /opt/ol/links/config/configDropins/overrides \
+    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /opt/ol/links/config/configDropins/defaults/open-default-port.xml
+
+# Create first-level symlinks as root user
+USER 0
+
+RUN ln -s /opt/ol/links/output /output \
+    && ln -s /opt/ol/links/config /config \
+    && chown -R 1001:0 /opt/ol/links/output \
+    && chmod -R g+rw /opt/ol/links/output \
+    && chown -R 1001:0 /opt/ol/links/config \
+    && chmod -R g+rw /opt/ol/links/config \
+    && chown -R 1001:0 /config \
+    && chmod -R g+rw /config \
+    && chown -R 1001:0 /output \
+    && chmod -R g+rw /output
 
 # Create a new SCC layer
 RUN if [ "$OPENJ9_SCC" = "true" ]; then populate_scc.sh; fi \
     && rm -rf /output/messaging /output/resources/security /logs/* $WLP_OUTPUT_DIR/.classCache \
     && chown -R 1001:0 /opt/ol/wlp/output \
     && chmod -R g+rwx /opt/ol/wlp/output
 
-#These settings are needed so that we can run as a different user than 1001 after server warmup
+# These settings are needed so that we can run as a different user than 1001 after server warmup
 ENV RANDFILE=/tmp/.rnd \
     OPENJ9_JAVA_OPTIONS="-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal -Dosgi.checkConfiguration=false"
 

releases/22.0.0.12/full/Dockerfile.ubuntu.openjdk11

@@ -79,15 +79,41 @@ RUN mkdir /logs \
     && mkdir /etc/wlp \
     && chown -R 1001:0 /etc/wlp \
     && chmod -R g+rw /etc/wlp \
-    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /config/configDropins/defaults/open-default-port.xml
+    && mkdir -p /opt/ol/links \
+    && chown -R 1001:0 /opt/ol/links \
+    && chmod -R g+rw /opt/ol/links
+
+# Create second-level symlinks as non-root user
+USER 1001
+
+RUN mkdir -p $WLP_OUTPUT_DIR/defaultServer \
+    && ln -s $WLP_OUTPUT_DIR/defaultServer /opt/ol/links/output \
+    && ln -s /opt/ol/wlp/usr/servers/defaultServer /opt/ol/links/config \
+    && mkdir -p /opt/ol/links/config/configDropins/defaults \
+    && mkdir -p /opt/ol/links/config/configDropins/overrides \
+    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /opt/ol/links/config/configDropins/defaults/open-default-port.xml
+
+# Create first-level symlinks as root user
+USER 0
+
+RUN ln -s /opt/ol/links/output /output \
+    && ln -s /opt/ol/links/config /config \
+    && chown -R 1001:0 /opt/ol/links/output \
+    && chmod -R g+rw /opt/ol/links/output \
+    && chown -R 1001:0 /opt/ol/links/config \
+    && chmod -R g+rw /opt/ol/links/config \
+    && chown -R 1001:0 /config \
+    && chmod -R g+rw /config \
+    && chown -R 1001:0 /output \
+    && chmod -R g+rw /output
 
 # Create a new SCC layer
 RUN if [ "$OPENJ9_SCC" = "true" ]; then populate_scc.sh; fi \
     && rm -rf /output/messaging /output/resources/security /logs/* $WLP_OUTPUT_DIR/.classCache \
     && chown -R 1001:0 /opt/ol/wlp/output \
     && chmod -R g+rwx /opt/ol/wlp/output
 
-#These settings are needed so that we can run as a different user than 1001 after server warmup
+# These settings are needed so that we can run as a different user than 1001 after server warmup
 ENV RANDFILE=/tmp/.rnd \
     OPENJ9_JAVA_OPTIONS="-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal -Dosgi.checkConfiguration=false"
 

releases/22.0.0.12/full/Dockerfile.ubuntu.openjdk17

@@ -79,15 +79,41 @@ RUN mkdir /logs \
     && mkdir /etc/wlp \
     && chown -R 1001:0 /etc/wlp \
     && chmod -R g+rw /etc/wlp \
-    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /config/configDropins/defaults/open-default-port.xml
+    && mkdir -p /opt/ol/links \
+    && chown -R 1001:0 /opt/ol/links \
+    && chmod -R g+rw /opt/ol/links
+
+# Create second-level symlinks as non-root user
+USER 1001
+
+RUN mkdir -p $WLP_OUTPUT_DIR/defaultServer \
+    && ln -s $WLP_OUTPUT_DIR/defaultServer /opt/ol/links/output \
+    && ln -s /opt/ol/wlp/usr/servers/defaultServer /opt/ol/links/config \
+    && mkdir -p /opt/ol/links/config/configDropins/defaults \
+    && mkdir -p /opt/ol/links/config/configDropins/overrides \
+    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /opt/ol/links/config/configDropins/defaults/open-default-port.xml
+
+# Create first-level symlinks as root user
+USER 0
+
+RUN ln -s /opt/ol/links/output /output \
+    && ln -s /opt/ol/links/config /config \
+    && chown -R 1001:0 /opt/ol/links/output \
+    && chmod -R g+rw /opt/ol/links/output \
+    && chown -R 1001:0 /opt/ol/links/config \
+    && chmod -R g+rw /opt/ol/links/config \
+    && chown -R 1001:0 /config \
+    && chmod -R g+rw /config \
+    && chown -R 1001:0 /output \
+    && chmod -R g+rw /output
 
 # Create a new SCC layer
 RUN if [ "$OPENJ9_SCC" = "true" ]; then populate_scc.sh; fi \
     && rm -rf /output/messaging /output/resources/security /logs/* $WLP_OUTPUT_DIR/.classCache \
     && chown -R 1001:0 /opt/ol/wlp/output \
     && chmod -R g+rwx /opt/ol/wlp/output
 
-#These settings are needed so that we can run as a different user than 1001 after server warmup
+# These settings are needed so that we can run as a different user than 1001 after server warmup
 ENV RANDFILE=/tmp/.rnd \
     OPENJ9_JAVA_OPTIONS="-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal -Dosgi.checkConfiguration=false"
 

releases/22.0.0.12/full/Dockerfile.ubuntu.openjdk8

@@ -79,15 +79,41 @@ RUN mkdir /logs \
     && mkdir /etc/wlp \
     && chown -R 1001:0 /etc/wlp \
     && chmod -R g+rw /etc/wlp \
-    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /config/configDropins/defaults/open-default-port.xml
+    && mkdir -p /opt/ol/links \
+    && chown -R 1001:0 /opt/ol/links \
+    && chmod -R g+rw /opt/ol/links
+
+# Create second-level symlinks as non-root user
+USER 1001
+
+RUN mkdir -p $WLP_OUTPUT_DIR/defaultServer \
+    && ln -s $WLP_OUTPUT_DIR/defaultServer /opt/ol/links/output \
+    && ln -s /opt/ol/wlp/usr/servers/defaultServer /opt/ol/links/config \
+    && mkdir -p /opt/ol/links/config/configDropins/defaults \
+    && mkdir -p /opt/ol/links/config/configDropins/overrides \
+    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /opt/ol/links/config/configDropins/defaults/open-default-port.xml
+
+# Create first-level symlinks as root user
+USER 0
+
+RUN ln -s /opt/ol/links/output /output \
+    && ln -s /opt/ol/links/config /config \
+    && chown -R 1001:0 /opt/ol/links/output \
+    && chmod -R g+rw /opt/ol/links/output \
+    && chown -R 1001:0 /opt/ol/links/config \
+    && chmod -R g+rw /opt/ol/links/config \
+    && chown -R 1001:0 /config \
+    && chmod -R g+rw /config \
+    && chown -R 1001:0 /output \
+    && chmod -R g+rw /output
 
 # Create a new SCC layer
 RUN if [ "$OPENJ9_SCC" = "true" ]; then populate_scc.sh; fi \
     && rm -rf /output/messaging /output/resources/security /logs/* $WLP_OUTPUT_DIR/.classCache \
     && chown -R 1001:0 /opt/ol/wlp/output \
     && chmod -R g+rwx /opt/ol/wlp/output
 
-#These settings are needed so that we can run as a different user than 1001 after server warmup
+# These settings are needed so that we can run as a different user than 1001 after server warmup
 ENV RANDFILE=/tmp/.rnd \
     OPENJ9_JAVA_OPTIONS="-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal -Dosgi.checkConfiguration=false"
 

releases/23.0.0.3/kernel-slim/Dockerfile.ubi.ibmjava8

@@ -78,15 +78,41 @@ RUN mkdir /logs \
     && mkdir /etc/wlp \
     && chown -R 1001:0 /etc/wlp \
     && chmod -R g+rw /etc/wlp \
-    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /config/configDropins/defaults/open-default-port.xml
+    && mkdir -p /opt/ol/links \
+    && chown -R 1001:0 /opt/ol/links \
+    && chmod -R g+rw /opt/ol/links
+
+# Create second-level symlinks as non-root user
+USER 1001
+
+RUN mkdir -p $WLP_OUTPUT_DIR/defaultServer \
+    && ln -s $WLP_OUTPUT_DIR/defaultServer /opt/ol/links/output \
+    && ln -s /opt/ol/wlp/usr/servers/defaultServer /opt/ol/links/config \
+    && mkdir -p /opt/ol/links/config/configDropins/defaults \
+    && mkdir -p /opt/ol/links/config/configDropins/overrides \
+    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /opt/ol/links/config/configDropins/defaults/open-default-port.xml
+
+# Create first-level symlinks as root user
+USER 0
+
+RUN ln -s /opt/ol/links/output /output \
+    && ln -s /opt/ol/links/config /config \
+    && chown -R 1001:0 /opt/ol/links/output \
+    && chmod -R g+rw /opt/ol/links/output \
+    && chown -R 1001:0 /opt/ol/links/config \
+    && chmod -R g+rw /opt/ol/links/config \
+    && chown -R 1001:0 /config \
+    && chmod -R g+rw /config \
+    && chown -R 1001:0 /output \
+    && chmod -R g+rw /output
 
 # Create a new SCC layer
 RUN if [ "$OPENJ9_SCC" = "true" ]; then populate_scc.sh; fi \
     && rm -rf /output/messaging /output/resources/security /logs/* $WLP_OUTPUT_DIR/.classCache /output/workarea \
     && chown -R 1001:0 /opt/ol/wlp/output \
     && chmod -R g+rwx /opt/ol/wlp/output
 
-#These settings are needed so that we can run as a different user than 1001 after server warmup
+# These settings are needed so that we can run as a different user than 1001 after server warmup
 ENV RANDFILE=/tmp/.rnd \
     IBM_JAVA_OPTIONS="-Xshareclasses:name=liberty,readonly,nonfatal,cacheDir=/output/.classCache/ -Dosgi.checkConfiguration=false ${IBM_JAVA_OPTIONS}"
 

releases/23.0.0.3/kernel-slim/Dockerfile.ubi.openjdk11

@@ -78,15 +78,41 @@ RUN mkdir /logs \
     && mkdir /etc/wlp \
     && chown -R 1001:0 /etc/wlp \
     && chmod -R g+rw /etc/wlp \
-    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /config/configDropins/defaults/open-default-port.xml
+    && mkdir -p /opt/ol/links \
+    && chown -R 1001:0 /opt/ol/links \
+    && chmod -R g+rw /opt/ol/links
+
+# Create second-level symlinks as non-root user
+USER 1001
+
+RUN mkdir -p $WLP_OUTPUT_DIR/defaultServer \
+    && ln -s $WLP_OUTPUT_DIR/defaultServer /opt/ol/links/output \
+    && ln -s /opt/ol/wlp/usr/servers/defaultServer /opt/ol/links/config \
+    && mkdir -p /opt/ol/links/config/configDropins/defaults \
+    && mkdir -p /opt/ol/links/config/configDropins/overrides \
+    && echo "<server description=\"Default Server\"><httpEndpoint id=\"defaultHttpEndpoint\" host=\"*\" /></server>" > /opt/ol/links/config/configDropins/defaults/open-default-port.xml
+
+# Create first-level symlinks as root user
+USER 0
+
+RUN ln -s /opt/ol/links/output /output \
+    && ln -s /opt/ol/links/config /config \
+    && chown -R 1001:0 /opt/ol/links/output \
+    && chmod -R g+rw /opt/ol/links/output \
+    && chown -R 1001:0 /opt/ol/links/config \
+    && chmod -R g+rw /opt/ol/links/config \
+    && chown -R 1001:0 /config \
+    && chmod -R g+rw /config \
+    && chown -R 1001:0 /output \
+    && chmod -R g+rw /output
 
 # Create a new SCC layer
 RUN if [ "$OPENJ9_SCC" = "true" ]; then populate_scc.sh; fi \
     && rm -rf /output/messaging /output/resources/security /logs/* $WLP_OUTPUT_DIR/.classCache /output/workarea \
     && chown -R 1001:0 /opt/ol/wlp/output \
     && chmod -R g+rwx /opt/ol/wlp/output
 
-#These settings are needed so that we can run as a different user than 1001 after server warmup
+# These settings are needed so that we can run as a different user than 1001 after server warmup
 ENV RANDFILE=/tmp/.rnd \
     OPENJ9_JAVA_OPTIONS="-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal -Dosgi.checkConfiguration=false"