Set the user/group to well known id

Author: vmcj

docker/domserver/Dockerfile

@@ -60,6 +60,14 @@ RUN apt-get update \
 	ca-certificates python3-yaml python3-requests \
 	&& rm -rf /var/lib/apt/lists/*
 
+# Check the UID and GID of the domjudge user are the same as in the previous build stage
+# (otherwise the COPY directives below won't set the correct ownership)
+COPY --from=domserver-build /etc/passwd /tmp/domserver-build-etc-passwd
+RUN sed -i -n '/^domjudge:/p' /tmp/domserver-build-etc-passwd \
+	&& sed -n '/^domjudge:/p' /etc/passwd | diff /tmp/domserver-build-etc-passwd - \
+	|| { echo "error: UID/GID of 'domjudge' differ from previous build stage; they must be the same for COPY to work" >&2; exit 1; } \
+	&& rm /tmp/domserver-build-etc-passwd
+
 # Copy domserver
 COPY --from=domserver-build /opt/domjudge/domserver /opt/domjudge/domserver
 COPY --from=domserver-build /opt/domjudge/doc /opt/domjudge/doc

docker/judgehost/Dockerfile

@@ -28,6 +28,15 @@ ADD chroot.tar.gz /
 ADD judgehost.tar.gz /
 RUN cp /opt/domjudge/judgehost/etc/sudoers-domjudge /etc/sudoers.d/
 
+# Check that the ownership of some well-known directory is correctly set to "domjudge"
+# (the ownership will be incorrect if the UID is different in the .tar.gz archives from the previous build stage, added above)
+RUN current_uid="$(id -u domjudge)" \
+	&& archive_uid="$(stat -c %u /opt/domjudge/judgehost/run)" \
+	&& [ "$current_uid" = "$archive_uid" ] \
+	|| { echo "error: expected owner UID of /opt/domjudge/judgehost/run to be $current_uid (domjudge), but it is $archive_uid ($(id -un "$archive_uid" || echo no such user))" >&2; \
+		echo "hint: check that the UID of user 'domjudge' is the same in both build stages" >&2; \
+		exit 1; }
+
 # Add scripts
 COPY judgehost/scripts /scripts/