From e7dc6df7230c9ccc74bf9853fb614407b861a42a Mon Sep 17 00:00:00 2001
From: Dave Page <dpage@pgadmin.org>
Date: Mon, 21 Mar 2022 11:19:33 +0000
Subject: [PATCH] Support running the container under OpenShift with alternate
 UIDs. Fixes #7257

---
 Dockerfile                       | 13 ++++++++-----
 docs/en_US/release_notes_6_8.rst |  1 +
 pkg/docker/entrypoint.sh         |  9 +++++++++
 3 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index a265e6a2d..4db62c18b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -188,14 +188,17 @@ RUN apk add \
         libcap && \
     /venv/bin/python3 -m pip install --no-cache-dir gunicorn && \
     find / -type d -name '__pycache__' -exec rm -rf {} + && \
-    groupadd -g 5050 pgadmin && \
-    useradd -r -u 5050 -g pgadmin pgadmin && \
+    useradd -r -u 5050 -g root -s /sbin/nologin pgadmin && \
     mkdir -p /var/lib/pgadmin && \
-    chown pgadmin:pgadmin /var/lib/pgadmin && \
+    chown pgadmin:root /var/lib/pgadmin && \
+    chmod g=u /var/lib/pgadmin && \
     touch /pgadmin4/config_distro.py && \
-    chown pgadmin:pgadmin /pgadmin4/config_distro.py && \
+    chown pgadmin:root /pgadmin4/config_distro.py && \
+    chmod g=u /pgadmin4/config_distro.py && \
+    chmod g=u /etc/passwd && \
     setcap CAP_NET_BIND_SERVICE=+eip /usr/bin/python3.9 && \
-    echo "pgadmin ALL = NOPASSWD: /usr/sbin/postfix start" > /etc/sudoers.d/postfix
+    echo "pgadmin ALL = NOPASSWD: /usr/sbin/postfix start" > /etc/sudoers.d/postfix && \
+    echo "pgadminr ALL = NOPASSWD: /usr/sbin/postfix start" >> /etc/sudoers.d/postfix
 
 USER pgadmin
 
diff --git a/docs/en_US/release_notes_6_8.rst b/docs/en_US/release_notes_6_8.rst
index 4e878fbb7..c36c39406 100644
--- a/docs/en_US/release_notes_6_8.rst
+++ b/docs/en_US/release_notes_6_8.rst
@@ -21,3 +21,4 @@ Bug fixes
 
   | `Issue #7059 <https://redmine.postgresql.org/issues/7059>`_ -  Fixed an issue where the error is shown on logout when the authentication source is oauth2.
   | `Issue #7238 <https://redmine.postgresql.org/issues/7238>`_ -  Fixed an issue where foreign key is not removed even if the referred table is removed in ERD.
+  | `Issue #7257 <https://redmine.postgresql.org/issues/7257>`_ -  Support running the container under OpenShift with alternate UIDs.
\ No newline at end of file
diff --git a/pkg/docker/entrypoint.sh b/pkg/docker/entrypoint.sh
index be8f78dc5..0e1bb3efc 100755
--- a/pkg/docker/entrypoint.sh
+++ b/pkg/docker/entrypoint.sh
@@ -1,5 +1,14 @@
 #!/bin/sh
 
+# Fixup the passwd file, in case we're on OpenShift
+if ! whoami &> /dev/null; then
+  if [ $(id -u) -ne 5050 ]; then
+    if [ -w /etc/passwd ]; then
+      echo "${USER_NAME:-pgadminr}:x:$(id -u):0:${USER_NAME:-pgadminr} user:${HOME}:/sbin/nologin" >> /etc/passwd
+    fi
+  fi
+fi
+
 # Populate config_distro.py. This has some default config, as well as anything
 # provided by the user through the PGADMIN_CONFIG_* environment variables.
 # Only update the file on first launch. The empty file is created during the