Allow su-exec to fail when users explicity use --user (#7776)

This allows MinIO containers to run properly without
expecting higher privileges in situations where following
restrictions on containers are used

 - docker run --user uid:gid
 - docker-compose up (with docker-compose.yml with user)
 ```yml
 ...
 user: "1001:1001"
 command: minio server /data
 ...
 ```
 - All openshift containers

Fixes #7773
master
Harshavardhana 6 years ago committed by GitHub
parent 0394a8f013
commit 22f6756ce6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 7
      dockerscripts/docker-entrypoint.sh

@ -60,7 +60,12 @@ docker_switch_user() {
return return
fi fi
fi fi
exec su-exec "${owner}" "$@" # check if su-exec is allowed, if yes proceed proceed.
if su-exec "${owner}" "/bin/ls" >/dev/null 2>&1; then
exec su-exec "${owner}" "$@"
fi
# fallback
exec "$@"
} }
## Set access env from secrets if necessary. ## Set access env from secrets if necessary.

Loading…
Cancel
Save