From 693a76431049bab6c9b3b2b3bf3579f840fcb141 Mon Sep 17 00:00:00 2001
From: Juliaan Duchateau
Date: Sat, 27 Dec 2025 08:56:49 +0100
Subject: [PATCH 1/2] run toolbox as non-root user
---
 Dockerfile | 5 ++++-
 nzp | 10 +++++++++-
 2 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 117ef90..a8ceaae 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,5 +7,8 @@ COPY scripts/ /opt/scripts/
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod +x /entrypoint.sh /opt/scripts/*.sh
+RUN mkdir /workspace
+# set read,write,execute permissions for everyone, in case we don't wnat to run as root later.
+RUN chmod -R 777 /workspace /entrypoint.sh /opt/scripts
-ENTRYPOINT ["/entrypoint.sh"]
\ No newline at end of file
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/nzp b/nzp
index efceb21..f099e45 100755
--- a/nzp
+++ b/nzp
@@ -15,8 +15,15 @@ fi
 # Detect first-time setup and pull repos if needed
 if [ ! -d "$TOOLBOX_ROOT/repos" ] || ! compgen -G "$TOOLBOX_ROOT/repos/*/.git" > /dev/null; then
+ # create misisng folders expicitly, else Docker would create them with root as owner
+ mkdir "$TOOLBOX_ROOT/repos"
+ if [ ! -d "$TOOLBOX_ROOT/python_envs" ]; then
+ mkdir "$TOOLBOX_ROOT/python_envs"
+ fi
+
 echo "[INFO] Pulling repositories for first time use..."
 docker run --platform=linux/amd64 --rm -i \
+ -u $(id -u):$(id -g) \
 -v "$TOOLBOX_ROOT/config":/workspace/config \
 -v "$TOOLBOX_ROOT/repos":/workspace/repos \
 -v "$TOOLBOX_ROOT/python_envs":/workspace/python_envs \
@@ -26,8 +33,9 @@ fi
 # Run container with mounts and pass our arguments
 docker run --platform=linux/amd64 --rm -i \
+ -u $(id -u):$(id -g) \
 -v "$TOOLBOX_ROOT/config":/workspace/config \
 -v "$TOOLBOX_ROOT/repos":/workspace/repos \
 -v "$TOOLBOX_ROOT/python_envs":/workspace/python_envs \
 "$IMAGE_NAME" \
- "$@"
\ No newline at end of file
+ "$@"
From e81e479c2cd768f6451c63f07358ba652aab6a33 Mon Sep 17 00:00:00 2001
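Review bot: In the Dockerfile hunk, `chmod -R 777` leaves `/entrypoint.sh` and everything under `/opt/scripts` writable by any user inside the container, although a non-root user only needs to read and execute them. Only `/workspace` has to be writable, so I would split the line into `RUN chmod 777 /workspace` and `RUN chmod -R a+rX /entrypoint.sh /opt/scripts`. The three subdirectories under `/workspace` are bind-mounted by `nzp` and presumably keep their host permissions, so the image-side mode matters only for files written directly into `/workspace`. The added comment also contains a typo (`wnat`).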
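Review bot: In the first nzp hunk, the bare `mkdir "$TOOLBOX_ROOT/repos"` fails with "File exists" whenever this branch is entered through the second half of the condition, i.e. `repos` is already present but holds no `.git` checkout. `mkdir -p "$TOOLBOX_ROOT/repos" "$TOOLBOX_ROOT/python_envs"` covers both directories in one line and makes the inner `if` unnecessary. Whether the failure aborts the script depends on shell options set above the hunk, which are not visible here. The `-u $(id -u):$(id -g)` argument, here and in the second nzp hunk, should be quoted as `-u "$(id -u):$(id -g)"`. The enclosing `if` closes outside this hunk.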
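Review bot: The unconditional `docker run` in the second nzp hunk now runs as the caller's uid, but `python_envs` is only created inside the first-time branch and `config` is not created anywhere in the visible lines. If either bind-mount source is missing at this point, Docker creates it on the host owned by root and the `-u` user cannot write to it, which is the situation the comment in the first hunk wants to avoid. Moving the directory creation above the `if`, e.g. `mkdir -p "$TOOLBOX_ROOT"/{config,repos,python_envs}`, would cover both invocations. Directories left root-owned by runs from before this change will presumably need a one-time `chown` on the host, which is worth a short note in the project documentation.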
From: Juliaan Duchateau
Date: Sat, 27 Dec 2025 09:13:26 +0100
Subject: [PATCH 2/2] fix typos
---
 nzp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/nzp b/nzp
index f099e45..30ca452 100755
--- a/nzp
+++ b/nzp
@@ -15,7 +15,7 @@ fi
 # Detect first-time setup and pull repos if needed
 if [ ! -d "$TOOLBOX_ROOT/repos" ] || ! compgen -G "$TOOLBOX_ROOT/repos/*/.git" > /dev/null; then
- # create misisng folders expicitly, else Docker would create them with root as owner
+ # create missing folders explicitly, else Docker would create them with root as owner
 mkdir "$TOOLBOX_ROOT/repos"
 if [ ! -d "$TOOLBOX_ROOT/python_envs" ]; then
 mkdir "$TOOLBOX_ROOT/python_envs"