From 29817c8a38890c71ea6e3bf35bd78e8ff702d66b Mon Sep 17 00:00:00 2001 From: Bitnami Bot Date: Thu, 20 Apr 2023 02:29:22 +0200 Subject: [PATCH] [bitnami/magento] Release 2.4.6-debian-11-r10 (#31025) Signed-off-by: Bitnami Containers --- bitnami/magento/2/debian-11/Dockerfile | 11 +-- .../opt/bitnami/.bitnami_components.json | 12 +-- .../prebuildfs/opt/bitnami/scripts/libos.sh | 95 +++++++++++++++++++ .../apache/conf/bitnami/certs/server.crt | 17 ---- .../apache/conf/bitnami/certs/server.key | 27 ------ .../opt/bitnami/scripts/apache/postunpack.sh | 1 + .../opt/bitnami/scripts/apache/setup.sh | 17 ++++ .../rootfs/opt/bitnami/scripts/libmagento.sh | 2 +- .../opt/bitnami/scripts/libmysqlclient.sh | 6 +- 9 files changed, 125 insertions(+), 63 deletions(-) delete mode 100644 bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/bitnami/certs/server.crt delete mode 100644 bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/bitnami/certs/server.key diff --git a/bitnami/magento/2/debian-11/Dockerfile b/bitnami/magento/2/debian-11/Dockerfile index bb49b898a1e9..b5396995a502 100644 --- a/bitnami/magento/2/debian-11/Dockerfile +++ b/bitnami/magento/2/debian-11/Dockerfile @@ -3,10 +3,10 @@ FROM docker.io/bitnami/minideb:bullseye ARG TARGETARCH LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2023-04-16T22:19:48Z" \ + org.opencontainers.image.created="2023-04-19T23:18:46Z" \ org.opencontainers.image.description="Application packaged by VMware, Inc" \ org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="2.4.6-debian-11-r9" \ + org.opencontainers.image.ref.name="2.4.6-debian-11-r10" \ org.opencontainers.image.title="magento" \ org.opencontainers.image.vendor="VMware, Inc." \ org.opencontainers.image.version="2.4.6" @@ -23,13 +23,12 @@ RUN install_packages acl ca-certificates cron curl libaudit1 libbrotli1 libbsd0 RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \ COMPONENTS=( \ "php-8.1.18-0-linux-${OS_ARCH}-debian-11" \ - "apache-2.4.57-3-linux-${OS_ARCH}-debian-11" \ - "wait-for-port-1.0.6-4-linux-${OS_ARCH}-debian-11" \ + "apache-2.4.57-4-linux-${OS_ARCH}-debian-11" \ + "wait-for-port-1.0.6-6-linux-${OS_ARCH}-debian-11" \ "mysql-client-10.6.12-4-linux-${OS_ARCH}-debian-11" \ "libphp-8.1.18-0-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.5-4-linux-${OS_ARCH}-debian-11" \ + "render-template-1.0.5-5-linux-${OS_ARCH}-debian-11" \ "magento-2.4.6-3-linux-${OS_ARCH}-debian-11" \ - "gosu-1.16.0-5-linux-${OS_ARCH}-debian-11" \ ) && \ for COMPONENT in "${COMPONENTS[@]}"; do \ if [ ! -f "${COMPONENT}.tar.gz" ]; then \ diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json index a9cc11b266b4..72435ae0189f 100644 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json @@ -3,13 +3,7 @@ "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "2.4.57-3" - }, - "gosu": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.16.0-5" + "version": "2.4.57-4" }, "libphp": { "arch": "amd64", @@ -39,12 +33,12 @@ "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "1.0.5-4" + "version": "1.0.5-5" }, "wait-for-port": { "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "1.0.6-4" + "version": "1.0.6-6" } } \ No newline at end of file diff --git a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh index 5e141d4ce3f1..e573899abacb 100644 --- a/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ b/bitnami/magento/2/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh @@ -553,3 +553,98 @@ get_root_disk_device_id() { get_root_disk_size() { fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true } + +######################## +# Run command as a specific user and group (optional) +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +run_as_user() { + run_chroot "$@" +} + +######################## +# Execute command as a specific user and group (optional), +# replacing the current process image +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +exec_as_user() { + run_chroot --replace-process "$@" +} + +######################## +# Run a command using chroot +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Flags: +# -r | --replace-process - Replace the current process image (optional) +# Returns: +# Exit code of the specified command +######################### +run_chroot() { + local userspec + local user + local homedir + local replace=false + local -r cwd="$(pwd)" + + # Parse and validate flags + while [[ "$#" -gt 0 ]]; do + case "$1" in + -r | --replace-process) + replace=true + ;; + --) + shift + break + ;; + -*) + stderr_print "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + # Parse and validate arguments + if [[ "$#" -lt 2 ]]; then + echo "expected at least 2 arguments" + return 1 + else + userspec=$1 + shift + + # userspec can optionally include the group, so we parse the user + user=$(echo "$userspec" | cut -d':' -f1) + fi + + if ! am_i_root; then + error "Could not switch to '${userspec}': Operation not permitted" + return 1 + fi + + # Get the HOME directory for the user to switch, as chroot does + # not properly update this env and some scripts rely on it + homedir=$(eval echo "~${user}") + if [[ ! -d $homedir ]]; then + homedir="${HOME:-/}" + fi + + # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion + if [[ "$replace" = true ]]; then + exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + else + chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + fi +} \ No newline at end of file diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/bitnami/certs/server.crt b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/bitnami/certs/server.crt deleted file mode 100644 index 466bbeab9ff4..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/bitnami/certs/server.crt +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN CERTIFICATE----- -MIICqDCCAZACCQCz8T3726LYsjANBgkqhkiG9w0BAQUFADAWMRQwEgYDVQQDDAtl -eGFtcGxlLmNvbTAeFw0xMjExMTQxMTE4MjdaFw0yMjExMTIxMTE4MjdaMBYxFDAS -BgNVBAMMC2V4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEA5NHl5TfZtO6zugau2tp5mWIcQYJhuwKTmYeXDLYAGJpoD2SixwPL5c8glneI -Rz1N2EQIZVeaWGbS0FLFlPdOkCkplpW9isYVC4XqKrk5b4HW4+YC+Cup0k+Kd4NM -eZOTUvWr5N6dIpdibkVumBc/pao8VtdwywlCL/PwGRsQtkXrRICzdtRa3MXqTmEF -foyVCGgBRtronlB9x4Plfb8Psk4GrPkjrWYgO8peKrl0O5+F+sYg7Gj95zCH73BQ -ANzCVNrgD9fs9cyx3ru9CUdEoIxAAJwQFkjm7xr6xqhIlSgnQ7B0uOSTNRcXY6rw -s+PxGneec/kRPRgzjC/QHY6n8QIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQBbyMqF -RDsX8zX1EW5qA8AQ8Jb2XqWrVeSO8blMV3WagJ2airMm3+c/82FCwsd/cZ08UXhA -/Kou0gi/F16tV26PiiUdp590Qao3d8H2qxc1rzzULimZPgxH4iA4vRyMHtyZN6h4 -7Fdn7O9xNMPu8siOz8rrzsEdEX5URbOMkDLCZsbTIUWVv2XmqrR0K10d5VuLWeLi -r+4G6c6jpa244WmqT9ClqceJ12G1Wnmezy7ybiW0l5M2iuIKFEiRP5Hj0J15o1I2 -pXAbKysAdWRHsJSQOtcgO8Vh9k0wo3tKg4HDp1hbrEzoGzOv92Vjg3lG8X+hzbMJ -MQURotHkD4Gk57wL ------END CERTIFICATE----- diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/bitnami/certs/server.key b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/bitnami/certs/server.key deleted file mode 100644 index 1904ca7090ae..000000000000 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/apache/conf/bitnami/certs/server.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA5NHl5TfZtO6zugau2tp5mWIcQYJhuwKTmYeXDLYAGJpoD2Si -xwPL5c8glneIRz1N2EQIZVeaWGbS0FLFlPdOkCkplpW9isYVC4XqKrk5b4HW4+YC -+Cup0k+Kd4NMeZOTUvWr5N6dIpdibkVumBc/pao8VtdwywlCL/PwGRsQtkXrRICz -dtRa3MXqTmEFfoyVCGgBRtronlB9x4Plfb8Psk4GrPkjrWYgO8peKrl0O5+F+sYg -7Gj95zCH73BQANzCVNrgD9fs9cyx3ru9CUdEoIxAAJwQFkjm7xr6xqhIlSgnQ7B0 -uOSTNRcXY6rws+PxGneec/kRPRgzjC/QHY6n8QIDAQABAoIBACo3G131tuGtpFTu -xLW11vdYZXQklNlGuWp63IBI162yVv54B5wF9Ek6tH1uIiNaiREcRBxGVEB4/+3V -R4SbN9Ba98RDbgu7TcipdTFaqOEMqFO1bNjSXWtip14zSBmqA2Ur1AHOnFj0awGD -J8tBhsmOpcEz0Ch1VdO5ApPvLV8jH9wQiMI/Q6yYQMtmzTMCUMYdMqe+LOziIOzL -oqN/WXnKL5E5TiO1bIxSpWPbT+IVn1c3/PShmvmRrLWsFUQlkwXJKMYZPO+rCCfe -b+Q9lMLMnj+vOnM3z16WC3aiiJGCZjVTvQ+x22YrBTRPxZmHO2eZ4H/cUQM7Y/tw -I7RjEM0CgYEA9Kxt1t8bWonzBii3P0rwyx0IECvg63k+pp4BpxpeWQKL7NVdSzk3 -AyJVcNjUoZgi2kVPdxzZGLrnZfuZ691xQB3oZF0LwBzQ4GFHkTRCB0s8ZA5lcJaI -9pBu91bhz2VOZSTeQWpdMMURjXVyTXZInU1mwzmjVOIAYmO33shH9gcCgYEA72mX -UoIrFPLkOTSZOb7UbjYH01vf6ThQiYCEWg7mD3CbY7n9oobIcQMzNnt7xN4wOl/V -eKfZ7G56q8enfqm45Dyo9aCBCENVzmwO8wLe5UnvJBNL20KjvtwG8w5A6UZQzC7p -3QS+U2zxVQNEeaE6a8Wrq2d1PlhVAHYw8odgNEcCgYBN38+58xrmrz99d1oTuAt5 -6kyVsRGOgPGS4HmQMRFUbT4R7DscZSKASd4945WRtTVqmWLYe4MRnvNlfzYXX0zb -ZmmAAClsRP+qWuwHaEWXwrd+9SIOOqtvJrta1/lZJFpWUOy4j10H18Flb7sosnwc -LPWHL4Iv0xriNfDg5Iga4wKBgQDLJBU59SkJBW+Q+oho7vrg6QeK15IOGbJ8eYfT -woCC6VFwNQh5N1QsUELMH8rNKJpTba18SzAl5ThBOY9tciVnw/C5Og9CK6BLHnUw -zWbDtxAq1BSxXsIB2EAtTBLX3MoB9myJFNVJhE7hi3w2mA8yEu+u6IIa/Ghjk+XE -ZAnFUQKBgQDjMinRZrK5wA09jcetI+dNiLnKHoQG6OaXDDsNCatex0O2F36BvVXE -P78qDz/i5aBMWsLx6VDvWJAkBIpZoNS5UsOn17tFaocGUSkcm48bs8Dn6VvsE8Bd -XMPAHyKuILlKYifBvNq5T22KhqKX7yGmk/AeOOiKr2KeMnh27JYrCA== ------END RSA PRIVATE KEY----- diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh index 1f27c7ff04c8..a9ed67cd2bc8 100755 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh +++ b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/postunpack.sh @@ -50,6 +50,7 @@ apache_setup_bitnami_config() { done # Bitnami customizations + ensure_dir_exists "${APACHE_CONF_DIR}/bitnami" render-template "${template_dir}/bitnami.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami.conf" render-template "${template_dir}/bitnami-ssl.conf.tpl" > "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh index 4322e06fb2f4..bad7b1b943f5 100755 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh +++ b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh @@ -8,6 +8,7 @@ set -o pipefail # set -o xtrace # Uncomment this line for debugging purposes # Load libraries +. /opt/bitnami/scripts/liblog.sh . /opt/bitnami/scripts/libapache.sh # Load Apache environment @@ -19,6 +20,22 @@ apache_validate # Ensure Apache daemon user exists when running as 'root' am_i_root && ensure_user_exists "$APACHE_DAEMON_USER" --group "$APACHE_DAEMON_GROUP" +# Generate SSL certs (without a passphrase) +ensure_dir_exists "${APACHE_CONF_DIR}/bitnami/certs" +if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then + info "Generating sample certificates" + SSL_KEY_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.key" + SSL_CERT_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.crt" + SSL_CSR_FILE="${APACHE_CONF_DIR}/bitnami/certs/server.csr" + SSL_SUBJ="/CN=example.com" + SSL_EXT="subjectAltName=DNS:example.com,DNS:www.example.com,IP:127.0.0.1" + rm -f "$SSL_KEY_FILE" "$SSL_CERT_FILE" + openssl genrsa -out "$SSL_KEY_FILE" 4096 + openssl req -new -sha256 -out "$SSL_CSR_FILE" -key "$SSL_KEY_FILE" -nodes -subj "$SSL_SUBJ" -addext "$SSL_EXT" + openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") + rm -f "$SSL_CSR_FILE" +fi + # Copy vhosts files if ! is_dir_empty "/vhosts"; then info "Found mounted virtual hosts in '/vhosts'. Copying them to '${APACHE_BASE_DIR}/conf/vhosts'" diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmagento.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmagento.sh index c2207a993ab7..0108b71f5e68 100644 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmagento.sh +++ b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmagento.sh @@ -396,7 +396,7 @@ magento_execute() { local -a cmd=("php" "${MAGENTO_BIN_DIR}/magento" "$@") # Run as web server user to avoid having to change permissions/ownership afterwards if am_i_root; then - debug_execute gosu "$WEB_SERVER_DAEMON_USER" "${cmd[@]}" + debug_execute run_as_user "$WEB_SERVER_DAEMON_USER" "${cmd[@]}" else debug_execute "${cmd[@]}" fi diff --git a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh index f63dea741844..c8bc278d0266 100644 --- a/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh +++ b/bitnami/magento/2/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh @@ -447,7 +447,7 @@ mysql_stop() { mysql_install_db() { local command="${DB_BIN_DIR}/mysql_install_db" local -a args=("--defaults-file=${DB_CONF_FILE}" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}") - + # Add flags specified via the 'DB_EXTRA_FLAGS' environment variable read -r -a db_extra_flags <<< "$(mysql_extra_flags)" [[ "${#db_extra_flags[@]}" -gt 0 ]] && args+=("${db_extra_flags[@]}") @@ -586,9 +586,9 @@ mysql_ensure_user_exists() { auth_string="identified via pam using '$DB_FLAVOR'" elif [[ -n "$password" ]]; then if [[ -n "$auth_plugin" ]]; then - auth_string="identified with $auth_plugin by \"$password\"" + auth_string="identified with $auth_plugin by '$password'" else - auth_string="identified by \"$password\"" + auth_string="identified by '$password'" fi fi debug "creating database user \'$user\'"