From 22f6756ce685dd0e2e73f53616f7816a824776c8 Mon Sep 17 00:00:00 2001 From: Harshavardhana Date: Wed, 12 Jun 2019 12:16:21 -0700 Subject: [PATCH] Allow su-exec to fail when users explicity use --user (#7776) This allows MinIO containers to run properly without expecting higher privileges in situations where following restrictions on containers are used - docker run --user uid:gid - docker-compose up (with docker-compose.yml with user) ```yml ... user: "1001:1001" command: minio server /data ... ``` - All openshift containers Fixes #7773
---
 dockerscripts/docker-entrypoint.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/dockerscripts/docker-entrypoint.sh b/dockerscripts/docker-entrypoint.sh
index 8ac5d25ac..39d38e19c 100755
--- a/dockerscripts/docker-entrypoint.sh
+++ b/dockerscripts/docker-entrypoint.sh
@@ -60,7 +60,12 @@ docker_switch_user() {
 return
 fi
 fi
- exec su-exec "${owner}" "$@"
+ # check if su-exec is allowed, if yes proceed proceed.
+ if su-exec "${owner}" "/bin/ls" >/dev/null 2>&1; then
+ exec su-exec "${owner}" "$@"
+ fi
+ # fallback
+ exec "$@"
 }
 
 ## Set access env from secrets if necessary.
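Review bot: The fallback `exec "$@"` at the end of the hunk fails open, because the probe `su-exec "${owner}" "/bin/ls" >/dev/null 2>&1` returns non-zero for any reason, not only when the container was started with `--user`. When the entrypoint is still root and the probe fails (for example if `${owner}` cannot list the working directory, which `/bin/ls` reads), the server would start as root without any message, since stderr is discarded. I would guard the fallback so the privilege drop stays mandatory for root, e.g. `if [ "$(id -u)" = "0" ]; then echo "su-exec ${owner} failed; refusing to run as root" >&2; exit 1; fi` placed before `# fallback`. If running as root without the capability to switch users is meant to be supported, at least log the fallback to stderr. The comment also repeats a word ("proceed proceed"), and `docker_switch_user` begins outside the hunk, so the earlier early-return paths are not visible here.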