From 7159150a99ed09d3948458a569cee016a34b43f6 Mon Sep 17 00:00:00 2001 From: mchyzer Date: Sat, 25 Nov 2023 16:26:44 -0500 Subject: [PATCH] GRP-5155: start GSH as GROUPER_GSH_USER in container --- container_files/usr-local-bin/containerPing | 11 +++++++++++ container_files/usr-local-bin/gsh | 4 ++-- 2 files changed, 13 insertions(+), 2 deletions(-) create mode 100755 container_files/usr-local-bin/containerPing diff --git a/container_files/usr-local-bin/containerPing b/container_files/usr-local-bin/containerPing new file mode 100755 index 00000000..18b70804 --- /dev/null +++ b/container_files/usr-local-bin/containerPing @@ -0,0 +1,11 @@ +#!/bin/bash + +prep_daemon +prep_finish +setupFiles +runCommand_unsetAll + +export GSH_JVMARGS="$GSH_JVMARGS -DENV=$ENV -DUSERTOKEN=$USERTOKEN" + +# sample command every 10 minutes, just a ping to keep container running, for testing +/usr/bin/ping -i 600 google.com diff --git a/container_files/usr-local-bin/gsh b/container_files/usr-local-bin/gsh index a9826835..27b56968 100755 --- a/container_files/usr-local-bin/gsh +++ b/container_files/usr-local-bin/gsh @@ -11,9 +11,9 @@ export GSH_JVMARGS="$GSH_JVMARGS -DENV=$ENV -DUSERTOKEN=$USERTOKEN" set -o pipefail # openshift cannot do whoami -if [ "$GROUPER_GSH_CHECK_USER" = "true" ] && [ "$GROUPER_GSH_USER" != "$(whoami)" ] +if [ "$GROUPER_GSH_USER" != "$(whoami)" ] && [ $EUID -eq 0 ] then - echo "grouperContainer; INFO: (gsh file) sudo --preserve-env -u tomcat bin/gsh.sh \"$@\" | tee /tmp/loggrouper" + echo "grouperContainer; INFO: (gsh file) sudo --preserve-env -u $GROUPER_GSH_USER bin/gsh.sh \"$@\" | tee /tmp/loggrouper" sudo --preserve-env -u tomcat bin/gsh.sh "$@" | tee /tmp/loggrouper else echo "grouperContainer; INFO: (gsh file) bin/gsh.sh \"$@\" | tee /tmp/loggrouper"