From 9f13453d5f9537508c314dee59edab4cc8d616f3 Mon Sep 17 00:00:00 2001 From: Daniel Jiang Date: Wed, 16 May 2018 15:36:22 +0800 Subject: [PATCH] chown only to the folder to store the config.json (#4978) Narrow down the scope of `chown` in adminserver because the /etc/adminserver/config/ is the location to store the config.json file. And /etc/adminserver/key should be readonly. --- make/photon/adminserver/start.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/make/photon/adminserver/start.sh b/make/photon/adminserver/start.sh index c4d9c4d8e..cc7f4a2ec 100644 --- a/make/photon/adminserver/start.sh +++ b/make/photon/adminserver/start.sh @@ -1,5 +1,7 @@ #!/bin/sh -if [ -d /etc/adminserver ]; then - chown -R 10000:10000 /etc/adminserver + +#In the case when the config store is set to filesystem, the directory has to be writable. +if [ -d /etc/adminserver/config ]; then + chown -R 10000:10000 /etc/adminserver/config fi sudo -E -u \#10000 "/harbor/harbor_adminserver"