feat: adapt strict directory permissions for container $HOME folder

build-workspace.sh

@@ -20,32 +20,16 @@ buildah run "$ctr" -- bash -c "\
 
 buildah add "$ctr" home.tar.gz $DEV_HOME
 
-# configure lazyvim
 # shellcheck disable=SC2016
-buildah run --user "$DEV_USER" "$ctr" -- fish -c '
+buildah run "$ctr" -- fish -c '
   set -gx HOME '"$DEV_HOME"';
   ssh-keyscan -p 2222 10.88.0.1 >> $HOME/.ssh/known_hosts;
   ssh-keyscan -p 22 github.com >> $HOME/.ssh/known_hosts;
+  chown -R '"$DEV_USER"':'"$DEV_USER"' $HOME/.local $HOME/.config/fish/completions \
+    $HOME/.config/fish/functions $HOME/.config/fish/fish_variables;
+  chown '"$DEV_USER"':'"$DEV_USER"' $HOME/.config/tmux;
 '
 
-# lock the files
-buildah run "$ctr" -- bash -c "\
-  chmod 750 $DEV_HOME/start.sh \
-  $DEV_HOME/.config/lazygit/config.yml \
-  $DEV_HOME/.config/nvim/lua/config/lazy.lua \
-  $DEV_HOME/.config/nvim/init.lua \
-  $DEV_HOME/.config/nvim/README.md \
-  $DEV_HOME/.config/nvim/LICENSE \
-  $DEV_HOME/.config/tmux/tmux.conf && \
-  chown root:secproc $DEV_HOME/start.sh \
-  $DEV_HOME/.config/lazygit/config.yml \
-  $DEV_HOME/.config/nvim/lua/config/lazy.lua \
-  $DEV_HOME/.config/nvim/init.lua \
-  $DEV_HOME/.config/nvim/README.md \
-  $DEV_HOME/.config/nvim/LICENSE \
-  $DEV_HOME/.config/tmux/tmux.conf
-"
-
 buildah config \
   --user $DEV_USER \
   --workingdir /app \