Closed juliohm1978 closed 5 years ago
Recent PR from Graylog chart community works around the issue by hard coding the uid:gid in their init container.
https://github.com/helm/charts/pull/12983
If this sparks any interest in the future, feel free to reopen or request further discussion.
This is a proposed fix for https://github.com/Graylog2/graylog-docker/issues/76. It should allow the graylog container to start as
root
in order to run its setup more effectively in a wider range of scenarios. It will drop privileges at the end of the entrypoint to launch the graylog process.In summary:
The
USER
directive was removed from theDockerfile
.All steps related to the launch of the graylog process were removed from
docker-entrypoint.sh
and placed ingraylog-start.sh
. Only steps that need theroot
privilege were kept in the entrypoint.At the end of the entrypoint,
chroot
is used to executegraylog-start.sh
with thegraylog:graylog
user.