From b52e5d6523828511b2281c6b0951c1a74c5c15f5 Mon Sep 17 00:00:00 2001 From: Michele Bologna Date: Thu, 28 Nov 2024 10:34:52 +0100 Subject: [PATCH] Fix: entrypoint.sh permissions --- Dockerfile | 9 ++++----- entrypoint.sh | 9 +++++++-- k8s/bitlbee-deployment.yaml | 2 ++ 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3637e6c..545ee69 100755 --- a/Dockerfile +++ b/Dockerfile @@ -106,14 +106,13 @@ RUN touch /var/run/bitlbee.pid && chown bitlbee:nogroup /var/run/bitlbee.pid EXPOSE 6667 -USER bitlbee - -# Define volumes for persistent data -VOLUME ["/var/lib/bitlbee"] - # Needed for VOLUME permissions COPY entrypoint.sh /entrypoint.sh +RUN chmod +x entrypoint.sh +# Define volumes for persistent data +VOLUME ["/var/lib/bitlbee"] +USER bitlbee ENTRYPOINT ["/entrypoint.sh"] CMD ["/usr/local/sbin/bitlbee", "-D", "-n", "-v", "-u", "bitlbee"] diff --git a/entrypoint.sh b/entrypoint.sh index 3053ef1..82bff16 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,7 +1,12 @@ #!/bin/bash set -euxo pipefail -# Ensure proper permissions on the mounted data directory +# Debug log for ownership check +echo "Current owner of /var/lib/bitlbee: $(stat -c %U /var/lib/bitlbee)" + if [ "$(stat -c %U /var/lib/bitlbee)" != "bitlbee" ]; then - chown -R bitlbee:nogroup /var/lib/bitlbee + echo "Changing ownership of /var/lib/bitlbee to bitlbee" + chown -R bitlbee:nogroup /var/lib/bitlbee || echo "Failed to change ownership" +else + echo "Ownership is already correct" fi exec "$@" diff --git a/k8s/bitlbee-deployment.yaml b/k8s/bitlbee-deployment.yaml index 151510e..47b9b40 100755 --- a/k8s/bitlbee-deployment.yaml +++ b/k8s/bitlbee-deployment.yaml @@ -13,6 +13,8 @@ spec: labels: app: bitlbee spec: + securityContext: + fsGroup: 1001 # Needed for volume permissions containers: - name: bitlbee image: docker.io/mbologna/docker-bitlbee:latest