-
Notifications
You must be signed in to change notification settings - Fork 164
/
Copy pathentrypoint.sh
executable file
·144 lines (119 loc) · 4.95 KB
/
entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
#!/usr/bin/env bash
is_enabled () {
echo "$1" | grep -q -i -E "^(yes|on|true|1)$"
}
is_disabled () {
echo "$1" | grep -q -i -E "^(no|off|false|0)$"
}
# Set user account and run values
USER_NAME=${USER_NAME:-wineuser}
USER_UID=${USER_UID:-1010}
USER_GID=${USER_GID:-"${USER_UID}"}
USER_HOME=${USER_HOME:-/home/"${USER_NAME}"}
USER_PASSWD=${USER_PASSWD:-"$(openssl passwd -1 -salt "$(openssl rand -base64 6)" "${USER_NAME}")"}
USER_SUDO=${USER_SUDO:-yes}
RDP_SERVER=${RDP_SERVER:-no}
RUN_AS_ROOT=${RUN_AS_ROOT:-no}
FORCED_OWNERSHIP=${FORCED_OWNERSHIP:-no}
TZ=${TZ:-UTC}
USE_XVFB=${USE_XVFB:-no}
DUMMY_PULSEAUDIO=${DUMMY_PULSEAUDIO:-no}
# Catch attempts to set user as root
if [ "${USER_NAME}" = 'root' ] || [ "${USER_UID}" -eq 0 ] || [ "${USER_GID}" -eq 0 ]; then
echo "ERROR: To run as root, either set env RUN_AS_ROOT=yes or use ./docker-wine --as-root"
exit 1
fi
# Create the user account
grep -q ":${USER_GID}:$" /etc/group || groupadd --gid "${USER_GID}" "${USER_NAME}"
grep -q "^${USER_NAME}:" /etc/passwd || useradd --shell /bin/bash --uid "${USER_UID}" --gid "${USER_GID}" --password "${USER_PASSWD}" --no-create-home --home-dir "${USER_HOME}" "${USER_NAME}"
# Create the user's home if it doesn't exist
[ -d "${USER_HOME}" ] || mkdir -p "${USER_HOME}"
# Add or remove user from sudo group
if is_enabled "${USER_SUDO}"; then
groups "${USER_NAME}" | tr " " "\n" | grep -q "^sudo$" || usermod -aG sudo "${USER_NAME}"
elif is_disabled "${USER_SUDO}"; then
! groups "${USER_NAME}" | tr " " "\n" | grep -q "^sudo$" || gpasswd -d "${USER_NAME}" sudo
else
echo "ERROR: '${USER_SUDO}' is not a valid value for USER_SUDO"
exit 1
fi
# Take ownership of user's home directory if owned by root or if FORCED_OWNERSHIP is enabled
OWNER_IDS="$(stat -c "%u:%g" "${USER_HOME}")"
if [ "${OWNER_IDS}" != "${USER_UID}:${USER_GID}" ]; then
if [ "${OWNER_IDS}" == "0:0" ] || is_enabled "${FORCED_OWNERSHIP}"; then
chown -R "${USER_UID}":"${USER_GID}" "${USER_HOME}"
else
echo "ERROR: User's home '${USER_HOME}' is currently owned by $(stat -c "%U:%G" "${USER_HOME}")"
echo "Use option --force-owner to enable user ${USER_NAME} to take ownership"
exit 1
fi
fi
# Configure timezone
ln -snf "/usr/share/zoneinfo/${TZ}" /etc/localtime
echo "${TZ}" > /etc/timezone
# Run in X11 redirection mode (default) or with xvfb
if is_disabled "${RDP_SERVER}"; then
# Set up pulseaudio for redirection to UNIX socket
if is_disabled "${DUMMY_PULSEAUDIO}" && [ -e /tmp/pulse-socket ]; then
[ ! -f /root/pulse/client.conf ] || cp /root/pulse/client.conf /etc/pulse/client.conf
fi
# Run xvfb
if is_enabled "${USE_XVFB}"; then
nohup /usr/bin/Xvfb "${XVFB_SERVER}" -screen "${XVFB_SCREEN}" "${XVFB_RESOLUTION}" >/dev/null 2>&1 &
fi
# Generate .Xauthority using xauth with .Xkey sourced from host
if [ -f /root/.Xkey ]; then
[ -f /root/.Xauthority ] || touch /root/.Xauthority
xauth add "$DISPLAY" . "$(cat /root/.Xkey)"
fi
# Run in X11 redirection mode as $USER_NAME (default)
if is_disabled "${RUN_AS_ROOT}"; then
# Copy and take ownership of .Xauthority for X11 redirection
if [ -f /root/.Xauthority ] && is_disabled "${USE_XVFB}"; then
cp /root/.Xauthority "${USER_HOME}"
chown "${USER_UID}":"${USER_GID}" "${USER_HOME}/.Xauthority"
fi
# Run in X11 redirection mode as user
exec gosu "${USER_NAME}" "$@"
# Run in X11 redirection mode as root
elif is_enabled "${RUN_AS_ROOT}"; then
exec "$@"
else
echo "ERROR: '${RUN_AS_ROOT}' is not a valid value for RUN_AS_ROOT"
exit 1
fi
# Run in RDP server mode
elif is_enabled "${RDP_SERVER}"; then
# Exit if using nordp image
if ! [ -f /usr/sbin/xrdp ]; then
echo "ERROR: Unable to start RDP server as it is not included in this version of the docker-wine image"
exit 1
fi
# Remove xrdp pulseaudio source and sink modules if using dummy sound option
if is_enabled "${DUMMY_PULSEAUDIO}"; then
rm -f /var/lib/xrdp-pulseaudio-installer/module-xrdp-{sink,source}.so
fi
# If the pid for sesman or xrdp is there they need to be removed
# or else sesman/xrdp won't start and connections will fail
[ ! -f /var/run/xrdp/xrdp-sesman.pid ] || rm -f /var/run/xrdp/xrdp-sesman.pid
[ ! -f /var/run/xrdp/xrdp.pid ] || rm -f /var/run/xrdp/xrdp.pid
# Start xrdp sesman service
/usr/sbin/xrdp-sesman
# Run xrdp in foreground if no commands specified
if [ -z "$1" ]; then
exec /usr/sbin/xrdp --nodaemon
else
/usr/sbin/xrdp
if is_disabled "${RUN_AS_ROOT}"; then
exec gosu "${USER_NAME}" "$@"
elif is_enabled "${RUN_AS_ROOT}"; then
exec "$@"
else
echo "ERROR: '${RUN_AS_ROOT}' is not a valid value for RUN_AS_ROOT"
exit 1
fi
fi
else
echo "ERROR: '${RDP_SERVER}' is not a valid value for RDP_SERVER"
exit 1
fi