From 559136b1ada6624ee6af105cf317088f2cec4fb5 Mon Sep 17 00:00:00 2001 From: Bitnami Bot Date: Wed, 19 Apr 2023 23:24:15 +0200 Subject: [PATCH] [bitnami/postgresql] Release 15.2.0-debian-11-r23 (#30953) Signed-off-by: Bitnami Containers --- bitnami/postgresql/15/debian-11/Dockerfile | 9 +- .../opt/bitnami/.bitnami_components.json | 8 +- .../prebuildfs/opt/bitnami/scripts/libos.sh | 95 +++++++++++++++++++ .../opt/bitnami/scripts/libpostgresql.sh | 10 +- .../bitnami/scripts/postgresql/run-autoctl.sh | 2 +- .../opt/bitnami/scripts/postgresql/run.sh | 2 +- 6 files changed, 107 insertions(+), 19 deletions(-) diff --git a/bitnami/postgresql/15/debian-11/Dockerfile b/bitnami/postgresql/15/debian-11/Dockerfile index 9dbccfae166f..c08ca8218cd4 100644 --- a/bitnami/postgresql/15/debian-11/Dockerfile +++ b/bitnami/postgresql/15/debian-11/Dockerfile @@ -5,10 +5,10 @@ ARG TARGETARCH ARG WITH_ALL_LOCALES="no" LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2023-04-17T21:15:50Z" \ + org.opencontainers.image.created="2023-04-19T20:52:46Z" \ org.opencontainers.image.description="Application packaged by VMware, Inc" \ org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="15.2.0-debian-11-r22" \ + org.opencontainers.image.ref.name="15.2.0-debian-11-r23" \ org.opencontainers.image.title="postgresql" \ org.opencontainers.image.vendor="VMware, Inc." \ org.opencontainers.image.version="15.2.0" @@ -24,8 +24,7 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"] RUN install_packages ca-certificates curl libbsd0 libbz2-1.0 libedit2 libffi7 libgcc-s1 libgmp10 libgnutls30 libhogweed6 libicu67 libidn2-0 libldap-2.4-2 liblz4-1 liblzma5 libmd0 libncurses6 libnettle8 libp11-kit0 libpcre3 libreadline8 libsasl2-2 libsqlite3-0 libssl1.1 libstdc++6 libtasn1-6 libtinfo6 libunistring2 libuuid1 libxml2 libxslt1.1 libzstd1 locales procps zlib1g RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \ COMPONENTS=( \ - "gosu-1.16.0-5-linux-${OS_ARCH}-debian-11" \ - "postgresql-15.2.0-8-linux-${OS_ARCH}-debian-11" \ + "postgresql-15.2.0-9-linux-${OS_ARCH}-debian-11" \ ) && \ for COMPONENT in "${COMPONENTS[@]}"; do \ if [ ! -f "${COMPONENT}.tar.gz" ]; then \ @@ -54,7 +53,7 @@ ENV APP_VERSION="15.2.0" \ LANG="en_US.UTF-8" \ LANGUAGE="en_US:en" \ NSS_WRAPPER_LIB="/opt/bitnami/common/lib/libnss_wrapper.so" \ - PATH="/opt/bitnami/common/bin:/opt/bitnami/postgresql/bin:$PATH" + PATH="/opt/bitnami/postgresql/bin:$PATH" VOLUME [ "/bitnami/postgresql", "/docker-entrypoint-initdb.d", "/docker-entrypoint-preinitdb.d" ] diff --git a/bitnami/postgresql/15/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/postgresql/15/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json index af12cf6d24c1..9e2bab1bbe71 100644 --- a/bitnami/postgresql/15/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ b/bitnami/postgresql/15/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json @@ -1,14 +1,8 @@ { - "gosu": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.16.0-5" - }, "postgresql": { "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "15.2.0-8" + "version": "15.2.0-9" } } \ No newline at end of file diff --git a/bitnami/postgresql/15/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/postgresql/15/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh index 5e141d4ce3f1..e573899abacb 100644 --- a/bitnami/postgresql/15/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ b/bitnami/postgresql/15/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh @@ -553,3 +553,98 @@ get_root_disk_device_id() { get_root_disk_size() { fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true } + +######################## +# Run command as a specific user and group (optional) +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +run_as_user() { + run_chroot "$@" +} + +######################## +# Execute command as a specific user and group (optional), +# replacing the current process image +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +exec_as_user() { + run_chroot --replace-process "$@" +} + +######################## +# Run a command using chroot +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Flags: +# -r | --replace-process - Replace the current process image (optional) +# Returns: +# Exit code of the specified command +######################### +run_chroot() { + local userspec + local user + local homedir + local replace=false + local -r cwd="$(pwd)" + + # Parse and validate flags + while [[ "$#" -gt 0 ]]; do + case "$1" in + -r | --replace-process) + replace=true + ;; + --) + shift + break + ;; + -*) + stderr_print "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + # Parse and validate arguments + if [[ "$#" -lt 2 ]]; then + echo "expected at least 2 arguments" + return 1 + else + userspec=$1 + shift + + # userspec can optionally include the group, so we parse the user + user=$(echo "$userspec" | cut -d':' -f1) + fi + + if ! am_i_root; then + error "Could not switch to '${userspec}': Operation not permitted" + return 1 + fi + + # Get the HOME directory for the user to switch, as chroot does + # not properly update this env and some scripts rely on it + homedir=$(eval echo "~${user}") + if [[ ! -d $homedir ]]; then + homedir="${HOME:-/}" + fi + + # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion + if [[ "$replace" = true ]]; then + exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + else + chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + fi +} \ No newline at end of file diff --git a/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/libpostgresql.sh b/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/libpostgresql.sh index 347d506b6e42..678ce259b5a1 100644 --- a/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/libpostgresql.sh +++ b/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/libpostgresql.sh @@ -737,7 +737,7 @@ postgresql_stop() { if [[ -f "$POSTGRESQL_PID_FILE" ]]; then info "Stopping PostgreSQL..." if am_i_root; then - gosu "$POSTGRESQL_DAEMON_USER" "${cmd[@]}" + run_as_user "$POSTGRESQL_DAEMON_USER" "${cmd[@]}" else "${cmd[@]}" fi @@ -762,7 +762,7 @@ postgresql_start_bg() { fi local pg_ctl_cmd=() if am_i_root; then - pg_ctl_cmd+=("gosu" "$POSTGRESQL_DAEMON_USER") + pg_ctl_cmd+=("run_as_user" "$POSTGRESQL_DAEMON_USER") fi pg_ctl_cmd+=("$POSTGRESQL_BIN_DIR"/pg_ctl) if [[ "${BITNAMI_DEBUG:-false}" = true ]] || [[ $pg_logs = true ]]; then @@ -838,7 +838,7 @@ postgresql_master_init_db() { fi local initdb_cmd=() if am_i_root; then - initdb_cmd+=("gosu" "$POSTGRESQL_DAEMON_USER") + initdb_cmd+=("run_as_user" "$POSTGRESQL_DAEMON_USER") fi initdb_cmd+=("$POSTGRESQL_BIN_DIR/initdb") if [[ -n "${initdb_args[*]:-}" ]]; then @@ -869,7 +869,7 @@ postgresql_slave_init_db() { local -r check_args=("-U" "$POSTGRESQL_REPLICATION_USER" "-h" "$POSTGRESQL_MASTER_HOST" "-p" "$POSTGRESQL_MASTER_PORT_NUMBER" "-d" "postgres") local check_cmd=() if am_i_root; then - check_cmd=("gosu" "$POSTGRESQL_DAEMON_USER") + check_cmd=("run_as_user" "$POSTGRESQL_DAEMON_USER") fi check_cmd+=("$POSTGRESQL_BIN_DIR"/pg_isready) local ready_counter=$POSTGRESQL_INIT_MAX_TIMEOUT @@ -887,7 +887,7 @@ postgresql_slave_init_db() { local -r backup_args=("-D" "$POSTGRESQL_DATA_DIR" "-U" "$POSTGRESQL_REPLICATION_USER" "-h" "$POSTGRESQL_MASTER_HOST" "-p" "$POSTGRESQL_MASTER_PORT_NUMBER" "-X" "stream" "-w" "-v" "-P") local backup_cmd=() if am_i_root; then - backup_cmd+=("gosu" "$POSTGRESQL_DAEMON_USER") + backup_cmd+=("run_as_user" "$POSTGRESQL_DAEMON_USER") fi backup_cmd+=("$POSTGRESQL_BIN_DIR"/pg_basebackup) local replication_counter=$POSTGRESQL_INIT_MAX_TIMEOUT diff --git a/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/postgresql/run-autoctl.sh b/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/postgresql/run-autoctl.sh index 4eeb3c8201f8..a3e9c86689c4 100755 --- a/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/postgresql/run-autoctl.sh +++ b/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/postgresql/run-autoctl.sh @@ -24,7 +24,7 @@ cmd=$(command -v pg_autoctl) info "** Starting PostgreSQL autoctl_node (Mode: $POSTGRESQL_AUTOCTL_MODE) **" if am_i_root; then - exec gosu "$POSTGRESQL_DAEMON_USER" "$cmd" "${flags[@]}" + exec_as_user "$POSTGRESQL_DAEMON_USER" "$cmd" "${flags[@]}" else PGPASSWORD=$POSTGRESQL_REPLICATION_PASSWORD exec "$cmd" "${flags[@]}" fi diff --git a/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/postgresql/run.sh b/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/postgresql/run.sh index 738d4cfbe852..e51eedf435b3 100755 --- a/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/postgresql/run.sh +++ b/bitnami/postgresql/15/debian-11/rootfs/opt/bitnami/scripts/postgresql/run.sh @@ -27,7 +27,7 @@ cmd=$(command -v postgres) info "** Starting PostgreSQL **" if am_i_root; then - exec gosu "$POSTGRESQL_DAEMON_USER" "$cmd" "${flags[@]}" + exec_as_user "$POSTGRESQL_DAEMON_USER" "$cmd" "${flags[@]}" else exec "$cmd" "${flags[@]}" fi