From 2312a2d8ac3eb1773354a67b989fbc8f66ebfa58 Mon Sep 17 00:00:00 2001 From: Vladislav Poddubnyy Date: Wed, 1 Dec 2021 02:43:01 +0300 Subject: [PATCH] Fixed not dropping privileges to py-kms user by default --- docker/entrypoint.py | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/docker/entrypoint.py b/docker/entrypoint.py index 57038fd..df01e30 100755 --- a/docker/entrypoint.py +++ b/docker/entrypoint.py @@ -36,13 +36,11 @@ def change_uid_grp(): os.chown(dbPath, new_uid, new_gid) loggersrv.debug("%s" %str(subprocess.check_output("ls -al " + dbPath, shell=True))) - if gid != new_gid: - loggersrv.info("Setting gid to '%s'." % str(new_gid)) - os.setgid(gid) + loggersrv.info("Setting gid to '%s'." % str(new_gid)) + os.setgid(new_gid) - if uid != new_uid: - loggersrv.info("Setting uid to '%s'." % str(new_uid)) - os.setuid(uid) + loggersrv.info("Setting uid to '%s'." % str(new_uid)) + os.setuid(new_uid) def change_tz():