Closed srfsh closed 2 months ago
Unfortunately, running WordPress (and/or PHP-FPM slash Apache2) as UID 0, even in a "rootless" context, is not a recommended or supported configuration. (Frankly, I wouldn't feel comfortable with the security of such a configuration on my own systems.)
However, in the hopes that it helps, here's the bit of code you're probably getting blocked on:
(designed specifically so that --user "just works" for all cases except the one you're looking for, which is again intentional)
If you switch from the FPM to the Apache variants, you might be able to (ab)use APACHE_RUN_USER and APACHE_RUN_GROUP set to something like root or #0, but I don't know whether Apache will like/use that. Otherwise, your best bet might be patching the entrypoint itself, but I don't know whether PHP-FPM will start as root without more changes.
Good luck!
I had actually modified the code accordingly before you mentioned it. However, that resulted in another rabbit hole I didn't want to dive into. Instead, I wanted to raise this as an issue. I still believe in this being a valid usage with, if not better, no less security than what is ordinarily done with "rooted" docker. Nonetheless, I appreciate the feedback.
For those poor souls, you can work around this issue by using user of 0:82 on your Caddy and WordPress. Or simply switch to something else like I did. In my case, Ghost suited better.
Cheers!
Hi,
Firstly, thanks for the effort that frees our time. It is really invaluable. However, I have spent quite a deal of time trying to figure out how I can run this as the root user, since I am using rootless Docker containers that already take care of the issues that might affect security. I believe the same issue would arise on podman or other rootless OCI runtimes, though I didn't investigate this.
In my particular case, I am using the fpm-alpine image with Caddy. Caddy is running as root (in the container, mind you), and serving files fails due to the UID and GID combination of 82:82, which Caddy expects as 0:0. I had tried it with Nginx as well, but the same unfortunate result arose. I thought I could tweak the docker-entrypoint.sh to my needs, as it seems to be performing the dance to change the ownership of the files and directories, but that also bore no useful outcome.
This is pretty much the only software I am using, albeit not much, that doesn't serve my purpose with the --user (docker) or user: (compose) options. It would be nice if you could provide a way to run this as root. Such as what linuxserver images do with PUID and PGID.
Many thanks.
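An added illustration (not code from this thread or from the image's repository) of the ID mapping behind the discussion above: under rootless Docker, container UID 0 is the invoking host user's own UID, while the 82 reported in the issue lands in that user's subordinate range. The user names, host UID 1000 and the /etc/subuid lines are constructed, and the default single-range mapping is assumed.

```python
# Added example: container-to-host ID mapping under rootless Docker.
# SAMPLE_SUBUID is constructed; format is name:first_subordinate_id:count.
SAMPLE_SUBUID = """\
alice:100000:65536
bob:165536:65536
"""


def parse_subid(text, user):
    """Return (start, count) of the first subordinate ID range for `user`."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        name, start, count = line.split(":")
        if name == user:
            return int(start), int(count)
    raise KeyError(f"no subordinate ID range for {user!r}")


def host_id(container_id, own_id, sub_start, sub_count):
    """Map an ID inside the rootless container to the ID the host kernel sees.

    Container 0 maps to the invoking user's own ID; container 1..count map
    onto the subordinate range; anything beyond that has no mapping.
    """
    if container_id < 0:
        raise ValueError("IDs are non-negative")
    if container_id == 0:
        return own_id
    if container_id <= sub_count:
        return sub_start + container_id - 1
    return None  # unmapped ID


def describe(user, own_uid, subuid_text, container_uids):
    """Return {container_uid: host_uid or None} for one host user."""
    start, count = parse_subid(subuid_text, user)
    return {c: host_id(c, own_uid, start, count) for c in container_uids}


if __name__ == "__main__":
    # alice with host UID 1000 is an assumption; 82 is the UID from the issue.
    for c, h in describe("alice", 1000, SAMPLE_SUBUID, [0, 82, 70000]).items():
        print(f"container uid {c:>5} -> host uid {h}")
```

A process running as UID 0 in the container acts on the host with the same UID that owns the invoking user's files, whereas UID 82 maps to a subordinate UID that owns nothing outside the container's storage.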