privileged mode not working #70
Description
Hi,
When I run docker run --rm -u root --cap-add net_bind_service --network=vlan2656 --ip=22.0.56.7 apigw:1.0 I have this error :
AH00526: Syntax error on line 66 of /opt/rh/httpd24/root/etc/httpd/conf/httpd.conf:
Error:\tApache has not been designed to serve pages while\n\trunning as root. There are known race conditions that\n\twill allow any local user to read any file on the system.\n\tIf you still desire to serve pages as root then\n\tadd -DBIG_SECURITY_HOLE to the CFLAGS env variable\n\tand then rebuild the server.\n\tIt is strongly suggested that you instead modify the User\n\tdirective in your httpd.conf file to list a non-root\n\tuser.\n
If I run in debug
bash-4.2# /usr/libexec/s2i/run
+ export HTTPD_RUN_BY_S2I=1
+ HTTPD_RUN_BY_S2I=1
+ exec run-httpd
+ '[' -v HTTPD_RUN_BY_S2I ']'
+ config_non_privileged
If I run manually /usr/bin/run-httpd all is working (privileged mode is detected)
/usr/bin/run-httpd
+ set -eu
+ source /usr/share/container-scripts/httpd//common.sh
++ set -x
+ '[' -v HTTPD_RUN_BY_S2I ']'
+ runs_privileged
++ id -u
+ test 0 == 0
+ return 0
+ config_privileged
I don't understand why we have this test in /usr/bin/run-httpd
if ! [ -v HTTPD_RUN_BY_S2I ] && runs_privileged ; then
and not
if runs_privileged ; then
Also, it should be nice to allow to skip config_general() when running as privileged user or to allow to configure the listening ports via environment variables.
Best regards,