mariadb-alpine
feat: use unprivileged runtime user
It's always better to run an application under an unprivileged user instead of root ;-)
You're not wrong. I think I attempted to do this a good while back but ran into two issues regarding backwards compatibility and certain permission concerns. It seems I didn't document it well enough.
Very open to landing it if you can help me build confidence in a seamless upgrade path for all users.
Hi @jbergstroem, What issues have you run into? I've tested it and it seems it works well. How can I help you?
> What issues have you run into?
Since existing users will have different ownership of files, this needs to be handled. This applies to configs, user storage and so on. Needs proper testing and likely an "upgrade path".
Gonna be testing this a bit now; I think with the recursive ownership it should be safe.
@svasek I have tested this pretty extensively now. I don't have a test suite to cover all of this, but I will be writing one test to make sure that the image is not root.
@svasek the problem is that we can't install the mysql client required to import scripts (easier to find with new test suite). A few options:
- Manually set user at startup through daemon instead of container (which we already kind of do)
- embed a mysql client - via upstream or something smaller if possible (see: https://github.com/jbergstroem/mariadb-alpine/discussions/140)
I'm gonna close this for now - happy to reopen if we for instance choose to embed a cli that can import data within a reasonable file size increase range.