StuffAnThings/qbit_manage
1
1
Fork 0
mirror of https://github.com/StuffAnThings/qbit_manage.git synced 2025-10-11 22:36:35 +08:00
Code Issues Projects Releases Packages Wiki Activity

fix(entrypoint): improve privilege dropping with error handling and fallback

Browse source 
- Remove permission fixing for /config directory
- Add graceful error handling for su-exec privilege dropping
- Fall back to running as root with warning if su-exec fails
This commit is contained in:
bobokun 2025-08-29 08:36:48 -04:00
parent 464b8e7d91
commit ddfdfa19ea
No known key found for this signature in database
GPG key ID: B73932169607D927
2 changed files with 12 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
VERSION
View file

@ -1 +1 @@
4.5.6-develop11 4.5.6-develop12

17
entrypoint.sh
View file

@ -77,20 +77,25 @@ if [ -d "/config" ]; then
fi fi
fi fi
# Fix /config ownership if present # Set HOME if /config exists
if [ -d "/config" ]; then if [ -d "/config" ]; then
if [ "$(id -u)" = "0" ]; then
fix_permissions "/config"
fi
# Provide a reasonable HOME for non-root runs (only if /config exists)
export HOME=/config export HOME=/config
fi fi
# Execute the main command: # Execute the main command:
# - If running as root, drop privileges to PUID:PGID via su-exec # - If running as root, drop privileges to PUID:PGID via su-exec
# - If already non-root (e.g., docker-compose sets user:), run as-is # - If already non-root (e.g., docker-compose sets user:), run as-is
set +e # Temporarily disable exit on error for su-exec handling
if [ "$(id -u)" = "0" ]; then if [ "$(id -u)" = "0" ]; then
exec /sbin/su-exec "${PUID}:${PGID}" "$@" /sbin/su-exec "${PUID}:${PGID}" "$@"
if [ $? -eq 0 ]; then
# Won't reach here if su-exec succeeds
true
else
echo "Warning: Could not drop privileges to ${PUID}:${PGID}, continuing as root"
exec "$@"
fi
else else
exec "$@" exec "$@"
fi fi
set -e # Re-enable exit on error