From ddfdfa19ea4cad2faa9df93a91d2d43fcd7a03f2 Mon Sep 17 00:00:00 2001
From: bobokun <jon.cy.lee98@gmail.com>
Date: Fri, 29 Aug 2025 08:36:48 -0400
Subject: [PATCH] fix(entrypoint): improve privilege dropping with error
 handling and fallback

- Remove permission fixing for /config directory
- Add graceful error handling for su-exec privilege dropping
- Fall back to running as root with warning if su-exec fails
---
 VERSION       |  2 +-
 entrypoint.sh | 17 +++++++++++------
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/VERSION b/VERSION
index 1c225c9..c4f73e7 100755
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-4.5.6-develop11
+4.5.6-develop12
diff --git a/entrypoint.sh b/entrypoint.sh
index 2fc7939..2f02cde 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -77,20 +77,25 @@ if [ -d "/config" ]; then
     fi
 fi
 
-# Fix /config ownership if present
+# Set HOME if /config exists
 if [ -d "/config" ]; then
-    if [ "$(id -u)" = "0" ]; then
-        fix_permissions "/config"
-    fi
-    # Provide a reasonable HOME for non-root runs (only if /config exists)
     export HOME=/config
 fi
 
 # Execute the main command:
 # - If running as root, drop privileges to PUID:PGID via su-exec
 # - If already non-root (e.g., docker-compose sets user:), run as-is
+set +e  # Temporarily disable exit on error for su-exec handling
 if [ "$(id -u)" = "0" ]; then
-    exec /sbin/su-exec "${PUID}:${PGID}" "$@"
+    /sbin/su-exec "${PUID}:${PGID}" "$@"
+    if [ $? -eq 0 ]; then
+        # Won't reach here if su-exec succeeds
+        true
+    else
+        echo "Warning: Could not drop privileges to ${PUID}:${PGID}, continuing as root"
+        exec "$@"
+    fi
 else
     exec "$@"
 fi
+set -e  # Re-enable exit on error