Add a shim to znc

This serves to do two things: 1) chown /znc to znc:znc, which is really handy if the znc user inside the docker container has a new uid, because the files are stored on the host filesystem. 2) to drop privs to the znc user, to reduce the attack surface.
2025-12-12 07:52:40 +01:00 · 2014-10-15 20:44:27 -04:00
parent 0c699d40b8
commit 16a78e70ce
2 changed files with 28 additions and 2 deletions
--- a/znc/znc-shim
+++ b/znc/znc-shim
@@ -0,0 +1,11 @@
+#!/bin/bash
+set -e
+
+ZNC_DIR="/znc"
+ZNC_OWNER=$(stat -c "%U" ${ZNC_DIR})
+
+if [ "${ZNC_OWNER}" != "znc" ]; then
+    chown -R znc:znc ${ZNC_DIR}
+fi
+
+exec sudo -u znc "$@"