From d639f017b2f342d4e26c7d9cf630c4f71932006b Mon Sep 17 00:00:00 2001 From: Jocelyn Le Sage Date: Thu, 15 Jun 2017 13:24:22 -0400 Subject: [PATCH] Added support for supplying supplementary groups of the X application. --- README.md | 3 +++ rootfs/etc/services.d/guiapp/run | 6 +++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index f7fdcae..924211e 100644 --- a/README.md +++ b/README.md @@ -137,6 +137,9 @@ to the `docker run` command. - **GROUP_ID** ID of the group the X application run as. Default is `1000`. See [User/Group IDs](#usergroup-ids) to better understand when this should be set. +- **SUP_GROUP_IDS** + Comma-separated list of supplementary group IDs of the X application. By + default, this variable is not set. - **APP_NICENESS** Priority at which the X application should run. A niceness value of −20 is the highest priority and 19 is the lowest priority. By default, niceness is diff --git a/rootfs/etc/services.d/guiapp/run b/rootfs/etc/services.d/guiapp/run index f8721d3..2473c1e 100755 --- a/rootfs/etc/services.d/guiapp/run +++ b/rootfs/etc/services.d/guiapp/run @@ -11,7 +11,11 @@ done echo "[services.d] guiapp: starting "${APP_NAME:-X application}"..." if [ -e /startapp.sh ]; then - exec 2>&1 $APP_NICE_CMD s6-setuidgid $USER_ID:$GROUP_ID /startapp.sh + if [ "${SUP_GROUP_IDS:-UNSET}" != "UNSET" ]; then + exec 2>&1 $APP_NICE_CMD s6-applyuidgid -u $USER_ID -g $GROUP_ID -G $SUP_GROUP_IDS /startapp.sh + else + exec 2>&1 $APP_NICE_CMD s6-setuidgid $USER_ID:$GROUP_ID /startapp.sh + fi else echo "" echo "/!\\ No application to start: /startapp.sh is missing. /!\\"