From 2c951d5876a3e7723ba6777388bae0054237b683 Mon Sep 17 00:00:00 2001 From: Pat Riehecky Date: Wed, 23 Jul 2025 15:13:32 -0500 Subject: [PATCH] Migrate to `setpriv` from `gosu` Fixes: 1304 Signed-off-by: Pat Riehecky --- Dockerfile-alpine.template | 43 ++++++++++++-------------------------- Dockerfile-debian.template | 25 ++++------------------ docker-ensure-initdb.sh | 2 +- docker-entrypoint.sh | 2 +- 4 files changed, 19 insertions(+), 53 deletions(-) diff --git a/Dockerfile-alpine.template b/Dockerfile-alpine.template index e64ad2fc2f..336f1613f0 100644 --- a/Dockerfile-alpine.template +++ b/Dockerfile-alpine.template @@ -13,39 +13,22 @@ RUN set -eux; \ # see https://github.com/docker-library/postgres/issues/274 install --verbose --directory --owner postgres --group postgres --mode 1777 /var/lib/postgresql -# grab gosu for easy step-down from root -# https://github.com/tianon/gosu/releases -ENV GOSU_VERSION 1.17 -RUN set -eux; \ - \ - apk add --no-cache --virtual .gosu-deps \ - ca-certificates \ - dpkg \ - gnupg \ - ; \ - \ - dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ - wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ - wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ - \ -# verify the signature - export GNUPGHOME="$(mktemp -d)"; \ - gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ - gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ - gpgconf --kill all; \ - rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ - \ -# clean up fetch dependencies - apk del --no-network .gosu-deps; \ - \ - chmod +x /usr/local/bin/gosu; \ -# verify that the binary works - gosu --version; \ - gosu nobody true {{ if env.version | IN("13", "14", "15", "16") then ( -}} -RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+) +# backwards compatibility (removed in PostgreSQL 17+) +RUN set -eux; \ + \ + apk add --no-cache su-exec; \ + echo 'testing su-exec:' ; \ + su-exec nobody id {{ ) else "" end -}} +# Install real setpriv from util-linux rather than busybox +RUN set -eux; \ + \ + apk add --no-cache setpriv; \ + echo 'testing setpriv:' ; \ + setpriv --reuid=nobody --regid=nobody --clear-groups id + # make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default # alpine doesn't require explicit locale-file generation ENV LANG en_US.utf8 diff --git a/Dockerfile-debian.template b/Dockerfile-debian.template index 81a6a0a0c5..f6fbd07685 100644 --- a/Dockerfile-debian.template +++ b/Dockerfile-debian.template @@ -20,28 +20,11 @@ RUN set -ex; \ ; \ rm -rf /var/lib/apt/lists/* -# grab gosu for easy step-down from root -# https://github.com/tianon/gosu/releases -ENV GOSU_VERSION 1.17 +# ensure setpriv works as expected RUN set -eux; \ - savedAptMark="$(apt-mark showmanual)"; \ - apt-get update; \ - apt-get install -y --no-install-recommends ca-certificates wget; \ - rm -rf /var/lib/apt/lists/*; \ - dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ - wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ - wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ - export GNUPGHOME="$(mktemp -d)"; \ - gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ - gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ - gpgconf --kill all; \ - rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ - apt-mark auto '.*' > /dev/null; \ - [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; \ - apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ - chmod +x /usr/local/bin/gosu; \ - gosu --version; \ - gosu nobody true + \ + echo 'testing setpriv:' ; \ + setpriv --reuid=nobody --regid=nobody --clear-groups id # make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default RUN set -eux; \ diff --git a/docker-ensure-initdb.sh b/docker-ensure-initdb.sh index e9b15ef77d..1bb2dfb3f7 100755 --- a/docker-ensure-initdb.sh +++ b/docker-ensure-initdb.sh @@ -27,7 +27,7 @@ docker_setup_env docker_create_db_directories if [ "$(id -u)" = '0' ]; then # then restart script as postgres user - exec gosu postgres "$BASH_SOURCE" "$@" + exec setpriv --reuid=postgres --regid=postgres --clear-groups "$BASH_SOURCE" "$@" fi # only run initialization on an empty data directory diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 5a62870b50..73825e3263 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -344,7 +344,7 @@ _main() { docker_create_db_directories if [ "$(id -u)" = '0' ]; then # then restart script as postgres user - exec gosu postgres "$BASH_SOURCE" "$@" + exec setpriv --reuid=postgres --regid=postgres --clear-groups "$BASH_SOURCE" "$@" fi # only run initialization on an empty data directory pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy