diff --git a/bitnami/suitecrm/8/debian-11/Dockerfile b/bitnami/suitecrm/8/debian-11/Dockerfile index 24f649053b27..987df1ab050a 100644 --- a/bitnami/suitecrm/8/debian-11/Dockerfile +++ b/bitnami/suitecrm/8/debian-11/Dockerfile @@ -2,11 +2,12 @@ FROM docker.io/bitnami/minideb:bullseye ARG TARGETARCH -LABEL org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ - org.opencontainers.image.created="2023-04-17T15:58:19Z" \ +LABEL com.vmware.cp.artifact.flavor="sha256:109c7d51bd69bb6b3df71017440c1ea0699454f81fe188056c083f0b57c96ea6" \ + org.opencontainers.image.base.name="docker.io/bitnami/minideb:bullseye" \ + org.opencontainers.image.created="2023-04-20T17:32:12Z" \ org.opencontainers.image.description="Application packaged by VMware, Inc" \ org.opencontainers.image.licenses="Apache-2.0" \ - org.opencontainers.image.ref.name="8.2.4-debian-11-r14" \ + org.opencontainers.image.ref.name="8.2.4-debian-11-r15" \ org.opencontainers.image.title="suitecrm" \ org.opencontainers.image.vendor="VMware, Inc." \ org.opencontainers.image.version="8.2.4" @@ -23,12 +24,11 @@ RUN install_packages acl ca-certificates cron curl libaudit1 libbrotli1 libbsd0 RUN mkdir -p /tmp/bitnami/pkg/cache/ && cd /tmp/bitnami/pkg/cache/ && \ COMPONENTS=( \ "php-8.1.18-0-linux-${OS_ARCH}-debian-11" \ - "apache-2.4.57-3-linux-${OS_ARCH}-debian-11" \ + "apache-2.4.57-5-linux-${OS_ARCH}-debian-11" \ "mysql-client-10.6.12-4-linux-${OS_ARCH}-debian-11" \ - "libphp-8.1.18-0-linux-${OS_ARCH}-debian-11" \ + "libphp-8.1.18-2-linux-${OS_ARCH}-debian-11" \ "suitecrm-8.2.4-4-linux-${OS_ARCH}-debian-11" \ - "render-template-1.0.5-4-linux-${OS_ARCH}-debian-11" \ - "gosu-1.16.0-5-linux-${OS_ARCH}-debian-11" \ + "render-template-1.0.5-5-linux-${OS_ARCH}-debian-11" \ ) && \ for COMPONENT in "${COMPONENTS[@]}"; do \ if [ ! -f "${COMPONENT}.tar.gz" ]; then \ diff --git a/bitnami/suitecrm/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json b/bitnami/suitecrm/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json index fb6d2d226f5e..8488edf55585 100644 --- a/bitnami/suitecrm/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json +++ b/bitnami/suitecrm/8/debian-11/prebuildfs/opt/bitnami/.bitnami_components.json @@ -3,19 +3,13 @@ "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "2.4.57-3" - }, - "gosu": { - "arch": "amd64", - "distro": "debian-11", - "type": "NAMI", - "version": "1.16.0-5" + "version": "2.4.57-5" }, "libphp": { "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "8.1.18-0" + "version": "8.1.18-2" }, "mysql-client": { "arch": "amd64", @@ -33,7 +27,7 @@ "arch": "amd64", "distro": "debian-11", "type": "NAMI", - "version": "1.0.5-4" + "version": "1.0.5-5" }, "suitecrm": { "arch": "amd64", diff --git a/bitnami/suitecrm/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh b/bitnami/suitecrm/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh index 5e141d4ce3f1..e573899abacb 100644 --- a/bitnami/suitecrm/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh +++ b/bitnami/suitecrm/8/debian-11/prebuildfs/opt/bitnami/scripts/libos.sh @@ -553,3 +553,98 @@ get_root_disk_device_id() { get_root_disk_size() { fdisk -l "$(get_root_disk_device_id)" | grep 'Disk.*bytes' | sed -E 's/.*, ([0-9]+) bytes,.*/\1/' || true } + +######################## +# Run command as a specific user and group (optional) +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +run_as_user() { + run_chroot "$@" +} + +######################## +# Execute command as a specific user and group (optional), +# replacing the current process image +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Returns: +# Exit code of the specified command +######################### +exec_as_user() { + run_chroot --replace-process "$@" +} + +######################## +# Run a command using chroot +# Arguments: +# $1 - USER(:GROUP) to switch to +# $2..$n - command to execute +# Flags: +# -r | --replace-process - Replace the current process image (optional) +# Returns: +# Exit code of the specified command +######################### +run_chroot() { + local userspec + local user + local homedir + local replace=false + local -r cwd="$(pwd)" + + # Parse and validate flags + while [[ "$#" -gt 0 ]]; do + case "$1" in + -r | --replace-process) + replace=true + ;; + --) + shift + break + ;; + -*) + stderr_print "unrecognized flag $1" + return 1 + ;; + *) + break + ;; + esac + shift + done + + # Parse and validate arguments + if [[ "$#" -lt 2 ]]; then + echo "expected at least 2 arguments" + return 1 + else + userspec=$1 + shift + + # userspec can optionally include the group, so we parse the user + user=$(echo "$userspec" | cut -d':' -f1) + fi + + if ! am_i_root; then + error "Could not switch to '${userspec}': Operation not permitted" + return 1 + fi + + # Get the HOME directory for the user to switch, as chroot does + # not properly update this env and some scripts rely on it + homedir=$(eval echo "~${user}") + if [[ ! -d $homedir ]]; then + homedir="${HOME:-/}" + fi + + # Obtaining value for "$@" indirectly in order to properly support shell parameter expansion + if [[ "$replace" = true ]]; then + exec chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + else + chroot --userspec="$userspec" / bash -c "cd ${cwd}; export HOME=${homedir}; exec \"\$@\"" -- "$@" + fi +} \ No newline at end of file diff --git a/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl b/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl index 6d3b22894445..75a255c3efee 100644 --- a/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl +++ b/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/apache/bitnami-templates/bitnami.conf.tpl @@ -15,4 +15,3 @@ SetEnvIf X-Forwarded-Proto https HTTPS=on ErrorDocument 503 /503.html -Include "{{APACHE_CONF_DIR}}/bitnami/bitnami-ssl.conf" diff --git a/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh b/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh index bad7b1b943f5..131f5acba447 100755 --- a/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh +++ b/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/apache/setup.sh @@ -35,6 +35,10 @@ if [[ ! -f "${APACHE_CONF_DIR}/bitnami/certs/server.crt" ]]; then openssl x509 -req -sha256 -in "$SSL_CSR_FILE" -signkey "$SSL_KEY_FILE" -out "$SSL_CERT_FILE" -days 1825 -extfile <(echo -n "$SSL_EXT") rm -f "$SSL_CSR_FILE" fi +# Load SSL configuration +if [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami.conf" ]] && [[ -f "${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf" ]]; then + ensure_apache_configuration_exists "Include \"${APACHE_CONF_DIR}/bitnami/bitnami-ssl.conf\"" "bitnami-ssl\.conf" "${APACHE_CONF_DIR}/bitnami/bitnami.conf" +fi # Copy vhosts files if ! is_dir_empty "/vhosts"; then diff --git a/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libapache.sh b/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libapache.sh index 0aeb9a906755..f64a8b0b5e14 100644 --- a/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libapache.sh +++ b/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libapache.sh @@ -237,18 +237,20 @@ is_apache_not_running() { # Arguments: # $1 - configuration string # $2 - pattern to use for checking if the configuration already exists (default: $1) +# $3 - Apache configuration file (default: $APACHE_CONF_FILE) # Returns: # None ######################## ensure_apache_configuration_exists() { local -r conf="${1:?conf missing}" local -r pattern="${2:-"$conf"}" + local -r conf_file="${3:-"$APACHE_CONF_FILE"}" # Enable configuration by appending to httpd.conf - if ! grep -E -q "$pattern" "$APACHE_CONF_FILE"; then - if is_file_writable "$APACHE_CONF_FILE"; then - cat >> "$APACHE_CONF_FILE" <<< "$conf" + if ! grep -E -q "$pattern" "$conf_file"; then + if is_file_writable "$conf_file"; then + cat >> "$conf_file" <<< "$conf" else - error "Could not add the following configuration to '${APACHE_CONF_FILE}:" + error "Could not add the following configuration to '${conf_file}:" error "" error "$(indent "$conf" 4)" error "" diff --git a/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh b/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh index 62c4a44c7809..c8bc278d0266 100644 --- a/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh +++ b/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libmysqlclient.sh @@ -447,7 +447,7 @@ mysql_stop() { mysql_install_db() { local command="${DB_BIN_DIR}/mysql_install_db" local -a args=("--defaults-file=${DB_CONF_FILE}" "--basedir=${DB_BASE_DIR}" "--datadir=${DB_DATA_DIR}") - + # Add flags specified via the 'DB_EXTRA_FLAGS' environment variable read -r -a db_extra_flags <<< "$(mysql_extra_flags)" [[ "${#db_extra_flags[@]}" -gt 0 ]] && args+=("${db_extra_flags[@]}") diff --git a/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libsuitecrm.sh b/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libsuitecrm.sh index 5eddfd9e9a43..9c504270320e 100644 --- a/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libsuitecrm.sh +++ b/bitnami/suitecrm/8/debian-11/rootfs/opt/bitnami/scripts/libsuitecrm.sh @@ -468,7 +468,7 @@ suitecrm_execute() { local -a cmd=("php" "${SUITECRM_BASE_DIR}/bin/console" "$@") # Run as web server user to avoid having to change permissions/ownership afterwards if am_i_root; then - debug_execute gosu "$WEB_SERVER_DAEMON_USER" "${cmd[@]}" + debug_execute run_as_user "$WEB_SERVER_DAEMON_USER" "${cmd[@]}" else debug_execute "${cmd[@]}" fi