You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by wi...@apache.org on 2023/03/24 14:01:20 UTC

[couchdb-docker] 01/01: fix: set $HOME when stepping down from root

This is an automated email from the ASF dual-hosted git repository.

willholley pushed a commit to branch 236/set-home-env
in repository https://gitbox.apache.org/repos/asf/couchdb-docker.git

commit ff67658960990eaaa1fe75007ac92c5444bc05f2
Author: Will Holley <wi...@uk.ibm.com>
AuthorDate: Fri Mar 24 13:52:55 2023 +0000

    fix: set $HOME when stepping down from root
    
    Ticket: https://github.com/apache/couchdb-docker/issues/236
    
    Why:
    
    In https://github.com/apache/couchdb-docker/pull/234 we moved from using
    `gosu` to `setpriv` to step down from the root user to the couchdb user.
    
    There is a behavioural difference between and `gosu` and `setpriv` in
    that `gosu` will [set the $HOME environment variable](https://github.com/tianon/gosu/blob/master/setup-user.go#L45)
    to that of the target user.
    
    Without this behaviour, `couchdb` includes the root user home
    directory (`/root`) in various search paths and crashes because it
    doesn't have read permissions.
    
    How:
    
    Explicitly set `$HOME` to the `couchdb` user home directory before
    we execute as the `couchdb` user, replicating the `gosu` behaviour.
---
 3.2.2/docker-entrypoint.sh | 1 +
 3.3.1/docker-entrypoint.sh | 1 +
 dev/docker-entrypoint.sh   | 2 +-
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/3.2.2/docker-entrypoint.sh b/3.2.2/docker-entrypoint.sh
index e691a66..a8544c7 100755
--- a/3.2.2/docker-entrypoint.sh
+++ b/3.2.2/docker-entrypoint.sh
@@ -114,6 +114,7 @@ EOWARN
 	fi
 
 	if [ "$(id -u)" = '0' ]; then
+		export HOME=$(echo ~couchdb)
 		exec setpriv --reuid=couchdb --regid=couchdb --clear-groups "$@"
 	fi
 fi
diff --git a/3.3.1/docker-entrypoint.sh b/3.3.1/docker-entrypoint.sh
index e691a66..a8544c7 100755
--- a/3.3.1/docker-entrypoint.sh
+++ b/3.3.1/docker-entrypoint.sh
@@ -114,6 +114,7 @@ EOWARN
 	fi
 
 	if [ "$(id -u)" = '0' ]; then
+		export HOME=$(echo ~couchdb)
 		exec setpriv --reuid=couchdb --regid=couchdb --clear-groups "$@"
 	fi
 fi
diff --git a/dev/docker-entrypoint.sh b/dev/docker-entrypoint.sh
index 0db874a..7239912 100755
--- a/dev/docker-entrypoint.sh
+++ b/dev/docker-entrypoint.sh
@@ -103,7 +103,7 @@ EOWARN
 		exit 1
 	fi
 
-
+	export HOME=$(echo ~couchdb)
 	exec setpriv --reuid=couchdb --regid=couchdb --clear-groups "$@"
 fi