daenamnu/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2026-05-21 10:50:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(mastercontainer): run session-deduplicator as www-data

Browse Source 
The session-deduplicator only touches files under /mnt/docker-aio-config/session/, which is already owned by www-data, so running it as root grants more privilege than it needs. Dropping to www-data reduces the number of root-owned processes in the mastercontainer and follows least-privilege for the supervisord program set.
This commit is contained in:
Dimas D. Angga
2026-05-20 09:32:49 +07:00
parent 6288665170
commit c6748dc450
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Containers/mastercontainer/supervisord.conf
View File

@@ -54,7 +54,7 @@ stdout_logfile_maxbytes=0
stderr_logfile=/dev/stderr stderr_logfile=/dev/stderr
stderr_logfile_maxbytes=0 stderr_logfile_maxbytes=0
command=/session-deduplicator.sh command=/session-deduplicator.sh
user=root user=www-data
[program:domain-validator] [program:domain-validator]
# Logging is disabled as otherwise all attempts will be logged which spams the logs # Logging is disabled as otherwise all attempts will be logged which spams the logs