mirror of
https://github.com/Icinga/docker-icingaweb2.git
synced 2025-10-23 21:11:00 +02:00
entrypoint: give /dev/stdout and /dev/stderr to the www-data user as root
to allow apache2 to open them after dropping privileges.
This commit is contained in:
parent
37fc5ea78f
commit
71498232e3
@ -57,6 +57,21 @@ func entrypoint() error {
|
|||||||
return nil
|
return nil
|
||||||
})
|
})
|
||||||
|
|
||||||
|
for _, stdio := range [...]string{"/dev/stdout", "/dev/stderr"} {
|
||||||
|
logf("info", "Giving %s to the www-data user as we're root", stdio)
|
||||||
|
|
||||||
|
file, err := os.Open(stdio)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := syscall.Fchown(int(file.Fd()), wwwdataUid, wwwdataUid); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
_ = file.Close()
|
||||||
|
}
|
||||||
|
|
||||||
logf("info", "Dropping privileges as we're root")
|
logf("info", "Dropping privileges as we're root")
|
||||||
|
|
||||||
if err := syscall.Setgid(wwwdataUid); err != nil {
|
if err := syscall.Setgid(wwwdataUid); err != nil {
|
||||||
|
Loading…
x
Reference in New Issue
Block a user