You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"Make sure the script is executable: run chmod +x init-aws.sh on the file first."
You should note that this script must be run on the host machine; it does not work if run inside the container.
Also, while this gets the job done, it's not a very good workaround. Having to run a chmod command on the host is not portable and... I don't know that it's an actual security risk, but it's certainly a security smell. The necessity for it is introduced by this line:
By mapping a host file to /etc/localstack/init/ready.d/init-aws.sh, you make it impossible for the container to manage permissions on it. It would be better to make a copy of init-aws.sh which the container can manage. I did this with a custom Dockerfile with the line COPY --chown=localstack /path/to/init-aws.sh /etc/localstack/init/ready.d/init-aws.sh; there might be a more elegant way to do it, but this at least means your Docker setup is not dependent on how host permissions are configured.
The text was updated successfully, but these errors were encountered:
"Make sure the script is executable: run chmod +x init-aws.sh on the file first."
You should note that this script must be run on the host machine; it does not work if run inside the container.
Also, while this gets the job done, it's not a very good workaround. Having to run a
chmodcommand on the host is not portable and... I don't know that it's an actual security risk, but it's certainly a security smell. The necessity for it is introduced by this line:By mapping a host file to /etc/localstack/init/ready.d/init-aws.sh, you make it impossible for the container to manage permissions on it. It would be better to make a copy of init-aws.sh which the container can manage. I did this with a custom Dockerfile with the line
COPY --chown=localstack /path/to/init-aws.sh /etc/localstack/init/ready.d/init-aws.sh; there might be a more elegant way to do it, but this at least means your Docker setup is not dependent on how host permissions are configured.The text was updated successfully, but these errors were encountered: