From 6ec1fabf6528bd058a30a78716668f7b75f56068 Mon Sep 17 00:00:00 2001
From: Sam Yaple <sam@yaple.net>
Date: Fri, 13 Nov 2015 08:53:49 +0000
Subject: [PATCH] Revert "Drop root for Horizon service"

This reverts commit f9ccb1c8829cef551b875c7c387530e7980414a7.

There are many issues with this patch that prevents it from working
under numerous circumstances. The implementation is entirely busted
on Ubuntu. Additionally, best practice for apache is to run as root.
Apache itself does the privlege dropping.

Change-Id: I4395debb7d32223fb3752a6d3e7c4d7672d29916
---
 docker/horizon/Dockerfile.j2 | 20 +-------------------
 1 file changed, 1 insertion(+), 19 deletions(-)

diff --git a/docker/horizon/Dockerfile.j2 b/docker/horizon/Dockerfile.j2
index d08da69142..30b2277814 100644
--- a/docker/horizon/Dockerfile.j2
+++ b/docker/horizon/Dockerfile.j2
@@ -56,25 +56,7 @@ RUN ln -s horizon-source/* horizon \
 
 {% endif %}
 
-# Set NET_BIND_SERVICE capability to httpd/apache2 so that it may run on
-# ports lower than 1024.
-#  Set pidfile and log directory to be writeable by # the horizon user.
-{% if base_distro in ['centos', 'fedora', 'oraclelinux', 'rhel'] %}
-
-RUN setcap 'cap_net_bind_service=ep' /usr/sbin/httpd \
-    && chown horizon: /run/httpd /etc/httpd/logs
-
-{% elif base_distro in ['ubuntu'] %}
-
-RUN setcap 'cap_net_bind_service=ep' /usr/sbin/apache2 \
-    && chown -R horizon: /var/run/apache2 /var/log/apache2
-
-{% endif %}
-
 COPY extend_start.sh /usr/local/bin/kolla_extend_start
-RUN chmod 755 /usr/local/bin/kolla_extend_start \
-     && usermod -a -G kolla horizon
+RUN chmod 755 /usr/local/bin/kolla_extend_start
 
 {{ include_footer }}
-
-USER horizon