[couchdb-docker] 01/01: fix: set $HOME when stepping down from root

Fri, 24 Mar 2023 07:02:07 -0700 

This is an automated email from the ASF dual-hosted git repository.

willholley pushed a commit to branch 236/set-home-env
in repository https://gitbox.apache.org/repos/asf/couchdb-docker.git

commit ff67658960990eaaa1fe75007ac92c5444bc05f2
Author: Will Holley <[email protected]>
AuthorDate: Fri Mar 24 13:52:55 2023 +0000

    fix: set $HOME when stepping down from root
    
    Ticket: https://github.com/apache/couchdb-docker/issues/236
    
    Why:
    
    In https://github.com/apache/couchdb-docker/pull/234 we moved from using
    `gosu` to `setpriv` to step down from the root user to the couchdb user.
    
    There is a behavioural difference between and `gosu` and `setpriv` in
    that `gosu` will [set the $HOME environment 
variable](https://github.com/tianon/gosu/blob/master/setup-user.go#L45)
    to that of the target user.
    
    Without this behaviour, `couchdb` includes the root user home
    directory (`/root`) in various search paths and crashes because it
    doesn't have read permissions.
    
    How:
    
    Explicitly set `$HOME` to the `couchdb` user home directory before
    we execute as the `couchdb` user, replicating the `gosu` behaviour.
---
 3.2.2/docker-entrypoint.sh | 1 +
 3.3.1/docker-entrypoint.sh | 1 +
 dev/docker-entrypoint.sh   | 2 +-
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/3.2.2/docker-entrypoint.sh b/3.2.2/docker-entrypoint.sh
index e691a66..a8544c7 100755
--- a/3.2.2/docker-entrypoint.sh
+++ b/3.2.2/docker-entrypoint.sh
@@ -114,6 +114,7 @@ EOWARN
        fi
 
        if [ "$(id -u)" = '0' ]; then
+               export HOME=$(echo ~couchdb)
                exec setpriv --reuid=couchdb --regid=couchdb --clear-groups "$@"
        fi
 fi
diff --git a/3.3.1/docker-entrypoint.sh b/3.3.1/docker-entrypoint.sh
index e691a66..a8544c7 100755
--- a/3.3.1/docker-entrypoint.sh
+++ b/3.3.1/docker-entrypoint.sh
@@ -114,6 +114,7 @@ EOWARN
        fi
 
        if [ "$(id -u)" = '0' ]; then
+               export HOME=$(echo ~couchdb)
                exec setpriv --reuid=couchdb --regid=couchdb --clear-groups "$@"
        fi
 fi
diff --git a/dev/docker-entrypoint.sh b/dev/docker-entrypoint.sh
index 0db874a..7239912 100755
--- a/dev/docker-entrypoint.sh
+++ b/dev/docker-entrypoint.sh
@@ -103,7 +103,7 @@ EOWARN
                exit 1
        fi
 
-
+       export HOME=$(echo ~couchdb)
        exec setpriv --reuid=couchdb --regid=couchdb --clear-groups "$@"
 fi

Reply via email to