modsecurity-crs-docker
modsecurity-crs-docker copied to clipboard
sed error when running container with non-root user
A sed-command error appears when starting the container with non-root user.
sed: cannot rename /etc/modsecurity.d/owasp-crs/sedoXeakT: Operation not permitted
I've tried to avoid that error using chmod -R 777
and chown
, but it doesn't work.
HI @lasperr ! Which container are you using?
Hi @fzipi ! I used modsecurity-crs:nginx
image
Probably related to #55 then. When adding those permissions, will fix this. Let me take a look.
Unfortunately, it doesn't work.
RUN chown -R nginx:nginx /etc/nginx/
RUN chown -R nginx:nginx /opt/modsecurity/
RUN chown -R nginx:nginx /etc/modsecurity.d/
RUN chown -R nginx:nginx /opt/owasp-crs/
RUN chown -R nginx:nginx /usr/local/
RUN chown -R nginx:nginx /usr/share/nginx
USER nginx
I even did this
RUN chmod -R 777 /etc/nginx/
RUN chmod -R 777 /opt/modsecurity/
RUN chmod -R 777 /etc/modsecurity.d/
RUN chmod -R 777 /opt/owasp-crs/
RUN chmod -R 777 /usr/local/
RUN chmod -R 777 /usr/share/nginx
Unfortunately, it doesn't work.
RUN chown -R nginx:nginx /etc/nginx/ RUN chown -R nginx:nginx /opt/modsecurity/ RUN chown -R nginx:nginx /etc/modsecurity.d/ RUN chown -R nginx:nginx /opt/owasp-crs/ RUN chown -R nginx:nginx /usr/local/ RUN chown -R nginx:nginx /usr/share/nginx USER nginx
I even did this
RUN chmod -R 777 /etc/nginx/ RUN chmod -R 777 /opt/modsecurity/ RUN chmod -R 777 /etc/modsecurity.d/ RUN chmod -R 777 /opt/owasp-crs/ RUN chmod -R 777 /usr/local/ RUN chmod -R 777 /usr/share/nginx
I resolved it by looking at all of the paths that you are using in your config files and then chowning them one by one. It is possible that you are also using directories like /var/www/...
which I decided to not use and am using a /home/nginx/app
path rather.
So which perms need to be changed then?