fix: Ensure DMS config volume can be accessed by non-root users (#4487)

This commit is contained in:
Brennan Kinney 2025-05-23 16:05:20 +12:00 committed by GitHub
parent 61c9b21f94
commit f6381d3bb0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 11 additions and 0 deletions

View file

@ -104,6 +104,12 @@ function _setup_directory_and_file_permissions() {
chown -R _rspamd:_rspamd "${RSPAMD_DMS_DKIM_D}"
fi
# Parent directories must have the executable bit set to descend the file tree for access,
# as each service in the container running as a non-root user requires this to access any subpath,
# `/tmp/docker-mailserver` must allow all users `+x` (notably required for `_rspamd` user read access):
local DMS_CONFIG_DIR=/tmp/docker-mailserver
chmod +x "${DMS_CONFIG_DIR}"
__log_fixes
}