'yum clean all | packages' missing

ID

purge_yum_package_cache

Severity

low

Family

Container Security

Tags

dockerfile, non-reachable, smaller-size

Description

Cached package data should be cleaned after installation to reduce image size.

Security

N/A

Examples

FROM centos:centos7

# issue, no clean all
RUN yum -y install zsh

Mitigation / Fix

Add yum clean all to Dockerfile:

FROM centos:centos7

# fixed
RUN yum -y install zsh && yum clean all