From fb771afe554f421cca43f6b128fa400734d98b32 Mon Sep 17 00:00:00 2001
From: Ryan Scott <rscott@galois.com>
Date: Wed, 16 Oct 2024 15:14:31 -0400
Subject: [PATCH 1/2] Docker images: Default to non-root users

Fixes #1261.
---
 .github/Dockerfile-crux-llvm | 1 +
 .github/Dockerfile-crux-mir  | 1 +
 2 files changed, 2 insertions(+)

diff --git a/.github/Dockerfile-crux-llvm b/.github/Dockerfile-crux-llvm
index 02d65bc54..d8936966e 100644
--- a/.github/Dockerfile-crux-llvm
+++ b/.github/Dockerfile-crux-llvm
@@ -86,6 +86,7 @@ RUN cp -r c-src /usr/local/
 
 RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && \
     locale-gen
+USER crux-llvm
 ENV LD_LIBRARY_PATH=/usr/local/lib
 ENV CLANG=clang-${LLVM_VER}
 ENV LLVM_LINK=llvm-link-${LLVM_VER}
diff --git a/.github/Dockerfile-crux-mir b/.github/Dockerfile-crux-mir
index ea90acfb7..bc51841a0 100644
--- a/.github/Dockerfile-crux-mir
+++ b/.github/Dockerfile-crux-mir
@@ -89,6 +89,7 @@ RUN mkdir -p ${DIR}/workspace
 
 WORKDIR ${DIR}/workspace
 
+USER crux-mir
 ENV CARGO_HOME=/usr/local/cargo \
     RUSTUP_HOME=/usr/local/rustup \
     CRUX_RUST_LIBRARY_PATH=/crux-mir/rlibs \

From 04bc614d7541d4c8771ee63bf54182080dc5a003 Mon Sep 17 00:00:00 2001
From: Ryan Scott <rscott@galois.com>
Date: Wed, 16 Oct 2024 15:16:22 -0400
Subject: [PATCH 2/2] crux-mir Docker image: Provide C compiler

Fixes #1262.
---
 .github/Dockerfile-crux-mir | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/Dockerfile-crux-mir b/.github/Dockerfile-crux-mir
index bc51841a0..0eff391c2 100644
--- a/.github/Dockerfile-crux-mir
+++ b/.github/Dockerfile-crux-mir
@@ -78,7 +78,9 @@ FROM ubuntu:22.04
 USER root
 RUN apt-get update && \
     apt-get install -y \
-      libgmp10 zlib1g libcurl4
+      libgmp10 zlib1g libcurl4 \
+      # A C toolchain (needed to build crates that require a C compiler)
+      clang
 
 ARG DIR=/crux-mir
 COPY --from=mir_json /usr/local/cargo /usr/local/cargo