diff --git a/docker/scripts/start-slim.sh b/docker/scripts/start-slim.sh index 3ffbc24b3..aaa5e912a 100755 --- a/docker/scripts/start-slim.sh +++ b/docker/scripts/start-slim.sh @@ -6,26 +6,45 @@ SITESPEEDIO=/usr/src/app/bin/sitespeed.js MAX_OLD_SPACE_SIZE="${MAX_OLD_SPACE_SIZE:-2048}" -WORKDIR_UID=$(stat -c "%u" .) -WORKDIR_GID=$(stat -c "%g" .) +# write files owned by the user who runs the container +# if your volume is mounted at /sitespeed.io, use it as CWD +[[ -d /sitespeed.io && "$PWD" = "/" ]] && cd /sitespeed.io -# Create user with the same UID and GID as the owner of the working directory, which will be used -# to execute node. This is partly for security and partly so output files won't be owned by root. -groupadd --non-unique --gid $WORKDIR_GID sitespeedio -useradd --non-unique --uid $WORKDIR_UID --gid $WORKDIR_GID --home-dir /tmp sitespeedio +uid=$(stat -c '%u' . 2>/dev/null || echo 0) +gid=$(stat -c '%g' . 2>/dev/null || echo 0) + +if [[ "$uid" -ne 0 && "$gid" -ne 0 ]]; then + if ! getent group "$gid" >/dev/null 2>&1; then + groupadd -g "$gid" sitespeedio-host 2>/dev/null || true + fi + if ! getent passwd "$uid" >/dev/null 2>&1; then + useradd -u "$uid" -g "$gid" -M -d /tmp -s /bin/bash sitespeedio-host 2>/dev/null || true + fi +fi + +run_as_host() { + if [[ "$uid" -ne 0 && "$gid" -ne 0 ]]; then + HOME=/tmp chroot --skip-chdir --userspec="+${uid}:+${gid}" / "$@" + else + HOME=/tmp "$@" + fi +} + +function execNode(){ + run_as_host node "$@" +} # Need to explictly override the HOME directory to prevent dconf errors like: # (firefox:2003): dconf-CRITICAL **: 00:31:23.379: unable to create directory '/root/.cache/dconf': Permission denied. dconf will not work properly. export HOME=/tmp - # Inspired by docker-selenium way of shutting down function shutdown { kill -s SIGTERM ${PID} wait $PID } -chroot --skip-chdir --userspec='sitespeedio:sitespeedio' / node --max-old-space-size=$MAX_OLD_SPACE_SIZE $SITESPEEDIO "$@" & +execNode --max-old-space-size=$MAX_OLD_SPACE_SIZE $SITESPEEDIO "$@" & PID=$!