You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The issue is also present when started with the way mentioned in README (docker run -d --name py-kms --restart always -p 1688:1688 ghcr.io/py-kms-organization/py-kms) and seems to be not related to docker itself but rather to entrypoint.py.
gets UID/GID from environment variables UID and GID. If they are not present, os.getenv() uses default values, making new_uid and new_gid equal to uid and gid, rendering checks
Docker container does not drop privileges and runs py-kms as root when started with docker compose in the following manner:
The issue is also present when started with the way mentioned in README (
docker run -d --name py-kms --restart always -p 1688:1688 ghcr.io/py-kms-organization/py-kms
) and seems to be not related to docker itself but rather toentrypoint.py
.The following code
py-kms/docker/entrypoint.py
Lines 29 to 32 in 7f08d75
UID
andGID
. If they are not present,os.getenv()
uses default values, makingnew_uid
andnew_gid
equal touid
andgid
, rendering checkspy-kms/docker/entrypoint.py
Line 39 in 7f08d75
py-kms/docker/entrypoint.py
Line 43 in 7f08d75
os.setuid()
andos.setgid()
are not called.The text was updated successfully, but these errors were encountered: