SRCH-5217 SRCH-5168 Fix error `visit_Psych_Nodes_Alias' ... (Psych::B…

…adAlias)`. Fix suid & sgid deletion, remove crontabs and init files (#257)

bin/secure_docker

@@ -13,10 +13,16 @@ echo "echo -e 'This is a U.S. General Services Administration Federal Government
 rm -fr /etc/sysctl* /etc/modprobe.d /etc/modules /etc/mdev.conf /etc/acpi
 
 # Remove suid & sgid files to enforce simple permission sets.
-find /bin /etc /lib /sbin /usr -xdev -type f -a \( -perm +4000 -o -perm +2000 \) -delete
+find /bin /etc /lib /sbin /usr -xdev -type f -a \( -perm /4000 -o -perm /2000 \) -delete
 
 # Check for calls out of the dockerfile to download software externally
 apt-get remove -y --auto-remove curl
 
 # Remove any broken symlinks, if any.
 find /bin /etc /lib /sbin /usr -xdev -type l -exec test ! -e {} \; -delete
+
+# Remove existing crontabs
+rm -rf /etc/cron.d /etc/cron.daily
+
+# Remove init scripts since we do not use them.
+rm -fr /etc/init.d /lib/rc /etc/conf.d /etc/inittab /etc/runlevels /etc/rc.conf /etc/logrotate.d

config/initializers/redis.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 if Rails.env.production?
-  sidekiq = YAML.load_file("#{Rails.root}/config/sidekiq.yml")
+  sidekiq = Rails.application.config_for(:sidekiq)
 else
   sidekiq = Rails.configuration.sidekiq
 end

config/initializers/sidekiq.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 if Rails.env.production?
-  sidekiq = YAML.load_file("#{Rails.root}/config/sidekiq.yml")
+  sidekiq = Rails.application.config_for(:sidekiq)
 else
   sidekiq = Rails.configuration.sidekiq
 end