6cf5928ff1
The reason we are doing drop root is so that a network exposed software component (i.e. glance) cannot be used to affect the immutability of the container which it runs in.

I have tried several different approaches and this is the only approach which puts glance in PID=1 while ensuring no files may be written by the glance process in the container image except for the log files.

Change-Id: Ifd3c8c361b78d0e4791dade3afa6435290407c41
Partially-Implements: blueprint drop-root
16 lines
443 B
Bash
#!/bin/bash
set -o errexit

# Processing /opt/kolla/config_files/config.json as root. This is necessary
# to permit certain files to be controlled by the root user which should
# not be writable by the dropped-privileged user, especially /run_command
sudo -E kolla_set_configs
CMD=$(cat /run_command)
ARGS=""

# Run additional commands if present
source kolla_extend_start

echo "Running command: '${CMD}${ARGS:+ $ARGS}'"
exec ${CMD} ${ARGS}
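The script's comments require that `/run_command` not be writable by the dropped-privileged user. The check below is an added example, not part of the Kolla script: it tests that property from ownership and mode bits, for the file and for its parent directory. The function names `closed_to_others` and `check_immutable` and the default trusted UID of 0 are assumptions made for this example.

```shell
#!/bin/bash
# Added example (not Kolla code): confirm that a file written by the root-run
# setup step cannot be rewritten or replaced by the dropped-privilege user.

# closed_to_others PATH TRUSTED_UID
# True when PATH is owned by TRUSTED_UID and has no group/other write bit.
closed_to_others() {
    local mode owner
    # ls -ldn fields: mode string, link count, numeric uid, numeric gid, ...
    read -r mode _ owner _ <<EOF
$(ls -ldn -- "$1" 2>/dev/null)
EOF
    [ "$owner" = "$2" ] || return 1
    case "$mode" in
        ?????w*|????????w*) return 1 ;;  # group-write or other-write is set
    esac
    return 0
}

# check_immutable FILE [TRUSTED_UID]   (TRUSTED_UID defaults to 0, i.e. root)
check_immutable() {
    local file=$1 uid=${2:-0}
    # A symlink could be retargeted, so require a real regular file.
    if [ -L "$file" ] || [ ! -f "$file" ]; then
        echo "FAIL: $file is missing or not a regular file" >&2
        return 1
    fi
    if ! closed_to_others "$file" "$uid"; then
        echo "FAIL: $file is not owned by uid $uid or is group/other writable" >&2
        return 1
    fi
    # Write access to the directory would allow replacing the file by rename.
    # This is conservative: it also rejects sticky, world-writable directories.
    if ! closed_to_others "$(dirname -- "$file")" "$uid"; then
        echo "FAIL: directory of $file is open to users other than uid $uid" >&2
        return 1
    fi
    return 0
}

# Intended use inside the container, before the final exec:
#   check_immutable /run_command
```

Because the check reads mode bits instead of calling `[ -w ]`, it gives the same answer whether it runs before or after privileges are dropped.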