From 1848246be5fded09279681a8558ff7097ee905e7 Mon Sep 17 00:00:00 2001
From: Bitnami Bot <containers-bot@bitnami.com>
Date: Sat, 16 Jan 2021 02:35:33 +0000
Subject: [PATCH] 2.4.46-debian-10-r144 release

---
 bitnami/apache/2.4/debian-10/Dockerfile       |  2 +-
 .../prebuildfs/opt/bitnami/scripts/libos.sh   | 68 +++++++++++++++++--
 .../opt/bitnami/scripts/apache/setup.sh       |  2 +-
 bitnami/apache/README.md                      |  2 +-
 4 files changed, 66 insertions(+), 8 deletions(-)

diff --git a/bitnami/apache/2.4/debian-10/Dockerfile b/bitnami/apache/2.4/debian-10/Dockerfile
index 0ada03202469..0400ec55847a 100644
--- a/bitnami/apache/2.4/debian-10/Dockerfile
+++ b/bitnami/apache/2.4/debian-10/Dockerfile
@@ -22,7 +22,7 @@ ENV APACHE_ENABLE_CUSTOM_PORTS="no" \
     APACHE_HTTPS_PORT_NUMBER="" \
     APACHE_HTTP_PORT_NUMBER="" \
     BITNAMI_APP_NAME="apache" \
-    BITNAMI_IMAGE_VERSION="2.4.46-debian-10-r143" \
+    BITNAMI_IMAGE_VERSION="2.4.46-debian-10-r144" \
     PATH="/opt/bitnami/common/bin:/opt/bitnami/apache/bin:$PATH"
 
 EXPOSE 8080 8443
diff --git a/bitnami/apache/2.4/debian-10/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/apache/2.4/debian-10/prebuildfs/opt/bitnami/scripts/libos.sh
index cc45a19ce099..f38437a1d407 100644
--- a/bitnami/apache/2.4/debian-10/prebuildfs/opt/bitnami/scripts/libos.sh
+++ b/bitnami/apache/2.4/debian-10/prebuildfs/opt/bitnami/scripts/libos.sh
@@ -37,14 +37,34 @@ group_exists() {
 # Create a group in the system if it does not exist already
 # Arguments:
 #   $1 - group
+# Flags:
+#   -s|--system - Whether to create new user as system user (uid <= 999)
 # Returns:
 #   None
 #########################
 ensure_group_exists() {
     local group="${1:?group is missing}"
+    local is_system_user=false
+
+    # Validate arguments
+    shift 1
+    while [ "$#" -gt 0 ]; do
+        case "$1" in
+            -s|--system)
+                is_system_user=true
+                ;;
+            *)
+                echo "Invalid command line flag $1" >&2
+                return 1
+                ;;
+        esac
+        shift
+    done
 
     if ! group_exists "$group"; then
-        groupadd "$group" >/dev/null 2>&1
+        local -a args=("$group")
+        $is_system_user && args+=("--system")
+        groupadd "${args[@]}" >/dev/null 2>&1
     fi
 }
 
@@ -52,22 +72,60 @@ ensure_group_exists() {
 # Create an user in the system if it does not exist already
 # Arguments:
 #   $1 - user
-#   $2 - group
+# Flags:
+#   -g|--group - the group the new user should belong to
+#   -h|--home - the home directory for the new user
+#   -s|--system - whether to create new user as system user (uid <= 999)
 # Returns:
 #   None
 #########################
 ensure_user_exists() {
     local user="${1:?user is missing}"
-    local group="${2:-}"
+    local group=""
+    local home=""
+    local is_system_user=false
+
+    # Validate arguments
+    shift 1
+    while [ "$#" -gt 0 ]; do
+        case "$1" in
+            -g|--group)
+                shift
+                group="${1:?missing group}"
+                ;;
+            -h|--home)
+                shift
+                home="${1:?missing home directory}"
+                ;;
+            -s|--system)
+                is_system_user=true
+                ;;
+            *)
+                echo "Invalid command line flag $1" >&2
+                return 1
+                ;;
+        esac
+        shift
+    done
 
     if ! user_exists "$user"; then
-        useradd "$user" >/dev/null 2>&1
+        local -a user_args=("-N" "$user")
+        $is_system_user && user_args+=("--system")
+        useradd "${user_args[@]}" >/dev/null 2>&1
     fi
 
     if [[ -n "$group" ]]; then
-        ensure_group_exists "$group"
+        local -a group_args=("$group")
+        $is_system_user && group_args+=("--system")
+        ensure_group_exists "${group_args[@]}"
         usermod -a -G "$group" "$user" >/dev/null 2>&1
     fi
+
+    if [[ -n "$home" ]]; then
+        mkdir -p "$home"
+        usermod -d "$home" "$user" >/dev/null 2>&1
+        configure_permissions_ownership "$home" -d "775" -f "664" -u "$user" -g "$group"
+    fi
 }
 
 ########################
diff --git a/bitnami/apache/2.4/debian-10/rootfs/opt/bitnami/scripts/apache/setup.sh b/bitnami/apache/2.4/debian-10/rootfs/opt/bitnami/scripts/apache/setup.sh
index 45cd178a4b7a..2a5621850269 100755
--- a/bitnami/apache/2.4/debian-10/rootfs/opt/bitnami/scripts/apache/setup.sh
+++ b/bitnami/apache/2.4/debian-10/rootfs/opt/bitnami/scripts/apache/setup.sh
@@ -17,7 +17,7 @@ set -o pipefail
 apache_validate
 
 # Ensure Apache daemon user exists when running as 'root'
-am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" "$APACHE_DAEMON_GROUP"
+am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP"
 
 # Ensure Apache is initialized
 apache_initialize
diff --git a/bitnami/apache/README.md b/bitnami/apache/README.md
index caaf0bae1702..bcfe2bd548e6 100644
--- a/bitnami/apache/README.md
+++ b/bitnami/apache/README.md
@@ -45,7 +45,7 @@ Non-root container images add an extra layer of security and are generally recom
 Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags [in our documentation page](https://docs.bitnami.com/tutorials/understand-rolling-tags-containers/).
 
 
-* [`2.4`, `2.4-debian-10`, `2.4.46`, `2.4.46-debian-10-r143`, `latest` (2.4/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-apache/blob/2.4.46-debian-10-r143/2.4/debian-10/Dockerfile)
+* [`2.4`, `2.4-debian-10`, `2.4.46`, `2.4.46-debian-10-r144`, `latest` (2.4/debian-10/Dockerfile)](https://github.com/bitnami/bitnami-docker-apache/blob/2.4.46-debian-10-r144/2.4/debian-10/Dockerfile)
 
 Subscribe to project updates by watching the [bitnami/apache GitHub repo](https://github.com/bitnami/bitnami-docker-apache).