From e6a51689ce9c140e4a9e15675f2e9b89ff09bcb3 Mon Sep 17 00:00:00 2001 From: Tianon Gravi Date: Mon, 12 Nov 2018 15:51:08 -0800 Subject: [PATCH] Adjust permissions on Apache directories for running as an arbitrary user --- 5.6/jessie/apache/Dockerfile | 6 ++++-- 5.6/stretch/apache/Dockerfile | 6 ++++-- 7.0/jessie/apache/Dockerfile | 6 ++++-- 7.0/stretch/apache/Dockerfile | 6 ++++-- 7.1/jessie/apache/Dockerfile | 6 ++++-- 7.1/stretch/apache/Dockerfile | 6 ++++-- 7.2/stretch/apache/Dockerfile | 6 ++++-- 7.3-rc/stretch/apache/Dockerfile | 6 ++++-- apache-Dockerfile-block-1 | 6 ++++-- 9 files changed, 36 insertions(+), 18 deletions(-) diff --git a/5.6/jessie/apache/Dockerfile b/5.6/jessie/apache/Dockerfile index 215972f0..36a32f74 100644 --- a/5.6/jessie/apache/Dockerfile +++ b/5.6/jessie/apache/Dockerfile @@ -68,8 +68,10 @@ RUN set -ex \ ; do \ rm -rvf "$dir" \ && mkdir -p "$dir" \ - && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \ - done + && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir" \ +# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743) + && chmod 1777 "$dir" \ + ; done # Apache + PHP requires preforking Apache for best results RUN a2dismod mpm_event && a2enmod mpm_prefork diff --git a/5.6/stretch/apache/Dockerfile b/5.6/stretch/apache/Dockerfile index 4b279ae5..28b5cec2 100644 --- a/5.6/stretch/apache/Dockerfile +++ b/5.6/stretch/apache/Dockerfile @@ -68,8 +68,10 @@ RUN set -ex \ ; do \ rm -rvf "$dir" \ && mkdir -p "$dir" \ - && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \ - done + && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir" \ +# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743) + && chmod 1777 "$dir" \ + ; done # Apache + PHP requires preforking Apache for best results RUN a2dismod mpm_event && a2enmod mpm_prefork diff --git a/7.0/jessie/apache/Dockerfile b/7.0/jessie/apache/Dockerfile index 6ff4d230..be760d7e 100644 --- a/7.0/jessie/apache/Dockerfile +++ b/7.0/jessie/apache/Dockerfile @@ -68,8 +68,10 @@ RUN set -ex \ ; do \ rm -rvf "$dir" \ && mkdir -p "$dir" \ - && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \ - done + && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir" \ +# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743) + && chmod 1777 "$dir" \ + ; done # Apache + PHP requires preforking Apache for best results RUN a2dismod mpm_event && a2enmod mpm_prefork diff --git a/7.0/stretch/apache/Dockerfile b/7.0/stretch/apache/Dockerfile index 1e78b705..0975973e 100644 --- a/7.0/stretch/apache/Dockerfile +++ b/7.0/stretch/apache/Dockerfile @@ -68,8 +68,10 @@ RUN set -ex \ ; do \ rm -rvf "$dir" \ && mkdir -p "$dir" \ - && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \ - done + && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir" \ +# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743) + && chmod 1777 "$dir" \ + ; done # Apache + PHP requires preforking Apache for best results RUN a2dismod mpm_event && a2enmod mpm_prefork diff --git a/7.1/jessie/apache/Dockerfile b/7.1/jessie/apache/Dockerfile index 0a3f6b74..74389f04 100644 --- a/7.1/jessie/apache/Dockerfile +++ b/7.1/jessie/apache/Dockerfile @@ -68,8 +68,10 @@ RUN set -ex \ ; do \ rm -rvf "$dir" \ && mkdir -p "$dir" \ - && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \ - done + && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir" \ +# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743) + && chmod 1777 "$dir" \ + ; done # Apache + PHP requires preforking Apache for best results RUN a2dismod mpm_event && a2enmod mpm_prefork diff --git a/7.1/stretch/apache/Dockerfile b/7.1/stretch/apache/Dockerfile index 3f5f7607..48a62cc7 100644 --- a/7.1/stretch/apache/Dockerfile +++ b/7.1/stretch/apache/Dockerfile @@ -68,8 +68,10 @@ RUN set -ex \ ; do \ rm -rvf "$dir" \ && mkdir -p "$dir" \ - && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \ - done + && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir" \ +# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743) + && chmod 1777 "$dir" \ + ; done # Apache + PHP requires preforking Apache for best results RUN a2dismod mpm_event && a2enmod mpm_prefork diff --git a/7.2/stretch/apache/Dockerfile b/7.2/stretch/apache/Dockerfile index 69307830..fb510b96 100644 --- a/7.2/stretch/apache/Dockerfile +++ b/7.2/stretch/apache/Dockerfile @@ -68,8 +68,10 @@ RUN set -ex \ ; do \ rm -rvf "$dir" \ && mkdir -p "$dir" \ - && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \ - done + && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir" \ +# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743) + && chmod 1777 "$dir" \ + ; done # Apache + PHP requires preforking Apache for best results RUN a2dismod mpm_event && a2enmod mpm_prefork diff --git a/7.3-rc/stretch/apache/Dockerfile b/7.3-rc/stretch/apache/Dockerfile index 7b616de0..64e7de68 100644 --- a/7.3-rc/stretch/apache/Dockerfile +++ b/7.3-rc/stretch/apache/Dockerfile @@ -68,8 +68,10 @@ RUN set -ex \ ; do \ rm -rvf "$dir" \ && mkdir -p "$dir" \ - && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \ - done + && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir" \ +# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743) + && chmod 1777 "$dir" \ + ; done # Apache + PHP requires preforking Apache for best results RUN a2dismod mpm_event && a2enmod mpm_prefork diff --git a/apache-Dockerfile-block-1 b/apache-Dockerfile-block-1 index a8e00783..8c2fbecb 100644 --- a/apache-Dockerfile-block-1 +++ b/apache-Dockerfile-block-1 @@ -26,8 +26,10 @@ RUN set -ex \ ; do \ rm -rvf "$dir" \ && mkdir -p "$dir" \ - && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \ - done + && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir" \ +# allow running as an arbitrary user (https://github.com/docker-library/php/issues/743) + && chmod 1777 "$dir" \ + ; done # Apache + PHP requires preforking Apache for best results RUN a2dismod mpm_event && a2enmod mpm_prefork