From bf1d80595b901f62a91c3d18328d11706c5dd563 Mon Sep 17 00:00:00 2001 From: Jan Dittrich Date: Thu, 10 Dec 2020 21:38:36 +0100 Subject: [PATCH] Add env variables to change UID/GID of www-data Signed-off-by: Jan Dittrich --- 18.0/apache/entrypoint.sh | 16 ++++++++++++++++ 18.0/fpm-alpine/Dockerfile | 1 + 18.0/fpm-alpine/entrypoint.sh | 16 ++++++++++++++++ 18.0/fpm/entrypoint.sh | 16 ++++++++++++++++ 19.0/apache/entrypoint.sh | 16 ++++++++++++++++ 19.0/fpm-alpine/Dockerfile | 1 + 19.0/fpm-alpine/entrypoint.sh | 16 ++++++++++++++++ 19.0/fpm/entrypoint.sh | 16 ++++++++++++++++ 20.0/apache/entrypoint.sh | 16 ++++++++++++++++ 20.0/fpm-alpine/Dockerfile | 1 + 20.0/fpm-alpine/entrypoint.sh | 16 ++++++++++++++++ 20.0/fpm/entrypoint.sh | 16 ++++++++++++++++ Dockerfile-alpine.template | 1 + docker-entrypoint.sh | 16 ++++++++++++++++ 14 files changed, 164 insertions(+) diff --git a/18.0/apache/entrypoint.sh b/18.0/apache/entrypoint.sh index b9ec5fc5f..ecc8f4d7e 100755 --- a/18.0/apache/entrypoint.sh +++ b/18.0/apache/entrypoint.sh @@ -43,6 +43,22 @@ file_env() { unset "$fileVar" } +# change uid/gid of www-data +if [ "$(id -u)" = 0 ]; then + CURRENT_UID=$(id -u www-data) + CURRENT_GID=$(id -g www-data) + if [ -n "${UID+x}" ] && [ "$UID" -ne $CURRENT_UID ]; then + echo "Change UID of www-data from $CURRENT_UID to $UID" + usermod -u $UID www-data + find / -xdev -user $CURRENT_UID -exec chown -h www-data {} \; + fi + if [ -n "${GID+x}" ] && [ "$GID" -ne $CURRENT_GID ]; then + echo "Change GID of www-data from $CURRENT_GID to $GID" + groupmod -g $GID www-data + find / -xdev -group $CURRENT_GID -exec chgrp -h www-data {} \; + fi +fi + if expr "$1" : "apache" 1>/dev/null; then if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then a2disconf remoteip diff --git a/18.0/fpm-alpine/Dockerfile b/18.0/fpm-alpine/Dockerfile index e4dadfe75..a336b38e7 100644 --- a/18.0/fpm-alpine/Dockerfile +++ b/18.0/fpm-alpine/Dockerfile @@ -6,6 +6,7 @@ RUN set -ex; \ \ apk add --no-cache \ rsync \ + shadow \ ; \ \ rm /var/spool/cron/crontabs/root; \ diff --git a/18.0/fpm-alpine/entrypoint.sh b/18.0/fpm-alpine/entrypoint.sh index b9ec5fc5f..ecc8f4d7e 100755 --- a/18.0/fpm-alpine/entrypoint.sh +++ b/18.0/fpm-alpine/entrypoint.sh @@ -43,6 +43,22 @@ file_env() { unset "$fileVar" } +# change uid/gid of www-data +if [ "$(id -u)" = 0 ]; then + CURRENT_UID=$(id -u www-data) + CURRENT_GID=$(id -g www-data) + if [ -n "${UID+x}" ] && [ "$UID" -ne $CURRENT_UID ]; then + echo "Change UID of www-data from $CURRENT_UID to $UID" + usermod -u $UID www-data + find / -xdev -user $CURRENT_UID -exec chown -h www-data {} \; + fi + if [ -n "${GID+x}" ] && [ "$GID" -ne $CURRENT_GID ]; then + echo "Change GID of www-data from $CURRENT_GID to $GID" + groupmod -g $GID www-data + find / -xdev -group $CURRENT_GID -exec chgrp -h www-data {} \; + fi +fi + if expr "$1" : "apache" 1>/dev/null; then if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then a2disconf remoteip diff --git a/18.0/fpm/entrypoint.sh b/18.0/fpm/entrypoint.sh index b9ec5fc5f..ecc8f4d7e 100755 --- a/18.0/fpm/entrypoint.sh +++ b/18.0/fpm/entrypoint.sh @@ -43,6 +43,22 @@ file_env() { unset "$fileVar" } +# change uid/gid of www-data +if [ "$(id -u)" = 0 ]; then + CURRENT_UID=$(id -u www-data) + CURRENT_GID=$(id -g www-data) + if [ -n "${UID+x}" ] && [ "$UID" -ne $CURRENT_UID ]; then + echo "Change UID of www-data from $CURRENT_UID to $UID" + usermod -u $UID www-data + find / -xdev -user $CURRENT_UID -exec chown -h www-data {} \; + fi + if [ -n "${GID+x}" ] && [ "$GID" -ne $CURRENT_GID ]; then + echo "Change GID of www-data from $CURRENT_GID to $GID" + groupmod -g $GID www-data + find / -xdev -group $CURRENT_GID -exec chgrp -h www-data {} \; + fi +fi + if expr "$1" : "apache" 1>/dev/null; then if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then a2disconf remoteip diff --git a/19.0/apache/entrypoint.sh b/19.0/apache/entrypoint.sh index b9ec5fc5f..ecc8f4d7e 100755 --- a/19.0/apache/entrypoint.sh +++ b/19.0/apache/entrypoint.sh @@ -43,6 +43,22 @@ file_env() { unset "$fileVar" } +# change uid/gid of www-data +if [ "$(id -u)" = 0 ]; then + CURRENT_UID=$(id -u www-data) + CURRENT_GID=$(id -g www-data) + if [ -n "${UID+x}" ] && [ "$UID" -ne $CURRENT_UID ]; then + echo "Change UID of www-data from $CURRENT_UID to $UID" + usermod -u $UID www-data + find / -xdev -user $CURRENT_UID -exec chown -h www-data {} \; + fi + if [ -n "${GID+x}" ] && [ "$GID" -ne $CURRENT_GID ]; then + echo "Change GID of www-data from $CURRENT_GID to $GID" + groupmod -g $GID www-data + find / -xdev -group $CURRENT_GID -exec chgrp -h www-data {} \; + fi +fi + if expr "$1" : "apache" 1>/dev/null; then if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then a2disconf remoteip diff --git a/19.0/fpm-alpine/Dockerfile b/19.0/fpm-alpine/Dockerfile index 533a5489f..adb33646e 100644 --- a/19.0/fpm-alpine/Dockerfile +++ b/19.0/fpm-alpine/Dockerfile @@ -6,6 +6,7 @@ RUN set -ex; \ \ apk add --no-cache \ rsync \ + shadow \ ; \ \ rm /var/spool/cron/crontabs/root; \ diff --git a/19.0/fpm-alpine/entrypoint.sh b/19.0/fpm-alpine/entrypoint.sh index b9ec5fc5f..ecc8f4d7e 100755 --- a/19.0/fpm-alpine/entrypoint.sh +++ b/19.0/fpm-alpine/entrypoint.sh @@ -43,6 +43,22 @@ file_env() { unset "$fileVar" } +# change uid/gid of www-data +if [ "$(id -u)" = 0 ]; then + CURRENT_UID=$(id -u www-data) + CURRENT_GID=$(id -g www-data) + if [ -n "${UID+x}" ] && [ "$UID" -ne $CURRENT_UID ]; then + echo "Change UID of www-data from $CURRENT_UID to $UID" + usermod -u $UID www-data + find / -xdev -user $CURRENT_UID -exec chown -h www-data {} \; + fi + if [ -n "${GID+x}" ] && [ "$GID" -ne $CURRENT_GID ]; then + echo "Change GID of www-data from $CURRENT_GID to $GID" + groupmod -g $GID www-data + find / -xdev -group $CURRENT_GID -exec chgrp -h www-data {} \; + fi +fi + if expr "$1" : "apache" 1>/dev/null; then if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then a2disconf remoteip diff --git a/19.0/fpm/entrypoint.sh b/19.0/fpm/entrypoint.sh index b9ec5fc5f..ecc8f4d7e 100755 --- a/19.0/fpm/entrypoint.sh +++ b/19.0/fpm/entrypoint.sh @@ -43,6 +43,22 @@ file_env() { unset "$fileVar" } +# change uid/gid of www-data +if [ "$(id -u)" = 0 ]; then + CURRENT_UID=$(id -u www-data) + CURRENT_GID=$(id -g www-data) + if [ -n "${UID+x}" ] && [ "$UID" -ne $CURRENT_UID ]; then + echo "Change UID of www-data from $CURRENT_UID to $UID" + usermod -u $UID www-data + find / -xdev -user $CURRENT_UID -exec chown -h www-data {} \; + fi + if [ -n "${GID+x}" ] && [ "$GID" -ne $CURRENT_GID ]; then + echo "Change GID of www-data from $CURRENT_GID to $GID" + groupmod -g $GID www-data + find / -xdev -group $CURRENT_GID -exec chgrp -h www-data {} \; + fi +fi + if expr "$1" : "apache" 1>/dev/null; then if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then a2disconf remoteip diff --git a/20.0/apache/entrypoint.sh b/20.0/apache/entrypoint.sh index b9ec5fc5f..ecc8f4d7e 100755 --- a/20.0/apache/entrypoint.sh +++ b/20.0/apache/entrypoint.sh @@ -43,6 +43,22 @@ file_env() { unset "$fileVar" } +# change uid/gid of www-data +if [ "$(id -u)" = 0 ]; then + CURRENT_UID=$(id -u www-data) + CURRENT_GID=$(id -g www-data) + if [ -n "${UID+x}" ] && [ "$UID" -ne $CURRENT_UID ]; then + echo "Change UID of www-data from $CURRENT_UID to $UID" + usermod -u $UID www-data + find / -xdev -user $CURRENT_UID -exec chown -h www-data {} \; + fi + if [ -n "${GID+x}" ] && [ "$GID" -ne $CURRENT_GID ]; then + echo "Change GID of www-data from $CURRENT_GID to $GID" + groupmod -g $GID www-data + find / -xdev -group $CURRENT_GID -exec chgrp -h www-data {} \; + fi +fi + if expr "$1" : "apache" 1>/dev/null; then if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then a2disconf remoteip diff --git a/20.0/fpm-alpine/Dockerfile b/20.0/fpm-alpine/Dockerfile index 273b33b91..6994d0421 100644 --- a/20.0/fpm-alpine/Dockerfile +++ b/20.0/fpm-alpine/Dockerfile @@ -6,6 +6,7 @@ RUN set -ex; \ \ apk add --no-cache \ rsync \ + shadow \ ; \ \ rm /var/spool/cron/crontabs/root; \ diff --git a/20.0/fpm-alpine/entrypoint.sh b/20.0/fpm-alpine/entrypoint.sh index b9ec5fc5f..ecc8f4d7e 100755 --- a/20.0/fpm-alpine/entrypoint.sh +++ b/20.0/fpm-alpine/entrypoint.sh @@ -43,6 +43,22 @@ file_env() { unset "$fileVar" } +# change uid/gid of www-data +if [ "$(id -u)" = 0 ]; then + CURRENT_UID=$(id -u www-data) + CURRENT_GID=$(id -g www-data) + if [ -n "${UID+x}" ] && [ "$UID" -ne $CURRENT_UID ]; then + echo "Change UID of www-data from $CURRENT_UID to $UID" + usermod -u $UID www-data + find / -xdev -user $CURRENT_UID -exec chown -h www-data {} \; + fi + if [ -n "${GID+x}" ] && [ "$GID" -ne $CURRENT_GID ]; then + echo "Change GID of www-data from $CURRENT_GID to $GID" + groupmod -g $GID www-data + find / -xdev -group $CURRENT_GID -exec chgrp -h www-data {} \; + fi +fi + if expr "$1" : "apache" 1>/dev/null; then if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then a2disconf remoteip diff --git a/20.0/fpm/entrypoint.sh b/20.0/fpm/entrypoint.sh index b9ec5fc5f..ecc8f4d7e 100755 --- a/20.0/fpm/entrypoint.sh +++ b/20.0/fpm/entrypoint.sh @@ -43,6 +43,22 @@ file_env() { unset "$fileVar" } +# change uid/gid of www-data +if [ "$(id -u)" = 0 ]; then + CURRENT_UID=$(id -u www-data) + CURRENT_GID=$(id -g www-data) + if [ -n "${UID+x}" ] && [ "$UID" -ne $CURRENT_UID ]; then + echo "Change UID of www-data from $CURRENT_UID to $UID" + usermod -u $UID www-data + find / -xdev -user $CURRENT_UID -exec chown -h www-data {} \; + fi + if [ -n "${GID+x}" ] && [ "$GID" -ne $CURRENT_GID ]; then + echo "Change GID of www-data from $CURRENT_GID to $GID" + groupmod -g $GID www-data + find / -xdev -group $CURRENT_GID -exec chgrp -h www-data {} \; + fi +fi + if expr "$1" : "apache" 1>/dev/null; then if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then a2disconf remoteip diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index 1beeae269..f4fc6eebb 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -5,6 +5,7 @@ RUN set -ex; \ \ apk add --no-cache \ rsync \ + shadow \ ; \ \ rm /var/spool/cron/crontabs/root; \ diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index b9ec5fc5f..ecc8f4d7e 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -43,6 +43,22 @@ file_env() { unset "$fileVar" } +# change uid/gid of www-data +if [ "$(id -u)" = 0 ]; then + CURRENT_UID=$(id -u www-data) + CURRENT_GID=$(id -g www-data) + if [ -n "${UID+x}" ] && [ "$UID" -ne $CURRENT_UID ]; then + echo "Change UID of www-data from $CURRENT_UID to $UID" + usermod -u $UID www-data + find / -xdev -user $CURRENT_UID -exec chown -h www-data {} \; + fi + if [ -n "${GID+x}" ] && [ "$GID" -ne $CURRENT_GID ]; then + echo "Change GID of www-data from $CURRENT_GID to $GID" + groupmod -g $GID www-data + find / -xdev -group $CURRENT_GID -exec chgrp -h www-data {} \; + fi +fi + if expr "$1" : "apache" 1>/dev/null; then if [ -n "${APACHE_DISABLE_REWRITE_IP+x}" ]; then a2disconf remoteip