test / entrypoint.sh
hbs2's picture
Upload 16 files
100d4a5 verified
Raw
History Blame Contribute Delete
2.01 kB
#!/bin/bash
# ----------------------------------------------------------------
# SAFETY CHECK: PODMAN / ALREADY NON-ROOT
# ----------------------------------------------------------------
# If the container is already running as a non-root user (common in Podman --userns=keep-id
# or OpenShift), we cannot run groupadd/useradd. We just launch the app.
if [ "$(id -u)" -ne 0 ]; then
echo "Running as non-root user ($(id -u)). Skipping permission setup."
exec "$@"
fi
# Default to 99:100 (nobody:users) if env vars not provided
PUID=${PUID:-99}
PGID=${PGID:-100}
# ----------------------------------------------------------------
# CHECK: ROOTLESS PODMAN (Internal Root mapping)
# ----------------------------------------------------------------
# If PUID is set to 0, the user wants to run as root (which maps to Host User in Podman).
# We skip the user creation logic to avoid errors.
if [ "$PUID" -eq 0 ]; then
echo "PUID set to 0. Running as internal root (Podman default behavior)."
exec "$@"
fi
echo "-------------------------------------------------------"
echo "Initializing Container with PUID: $PUID and PGID: $PGID"
echo "-------------------------------------------------------"
# Create group if it doesn't exist
if ! getent group "$PGID" >/dev/null; then
groupadd -g "$PGID" subgen
fi
# Create user if it doesn't exist
if ! getent passwd "$PUID" >/dev/null; then
useradd -u "$PUID" -g "$PGID" -m -s /bin/bash subgen
fi
# Permission fixes
echo "Fixing permissions on /subgen..."
chown -R "$PUID":"$PGID" /subgen
echo "Fixing permissions on /cache..."
chown -R "$PUID":"$PGID" /cache
chown -R "$PUID":"$PGID" /tmp 2>/dev/null || true
# fix group for dri devices
if [ -e "/dev/dri/renderD128" ]; then
echo "Adding group for /dev/dri/renderD128"
GID=`stat -c "%g" /dev/dri/renderD128`
groupadd -g $GID render2
GROUP=`getent group $GID | cut -d: -f1`
usermod -aG $GROUP subgen
fi
echo "Dropping root privileges and starting application..."
exec gosu "$PUID" "$@"