-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update postgres #17012
Merged
Merged
Update postgres #17012
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Changes: - docker-library/postgres@cefde5f: Merge pull request docker-library/postgres#1246 from infosiftr/su-noexec - docker-library/postgres@3e9b4ea: Replace `su-exec` with `gosu`
Diff for 4bd28b2:diff --git a/_bashbrew-cat b/_bashbrew-cat
index cad263c..142d5f2 100644
--- a/_bashbrew-cat
+++ b/_bashbrew-cat
@@ -8,12 +8,12 @@ Directory: 12/bookworm
Tags: 12.19-alpine3.19, 12-alpine3.19
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 12/alpine3.19
Tags: 12.19-alpine3.20, 12-alpine3.20, 12.19-alpine, 12-alpine
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, riscv64, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 12/alpine3.20
Tags: 12.19-bullseye, 12-bullseye
@@ -28,12 +28,12 @@ Directory: 13/bookworm
Tags: 13.15-alpine3.19, 13-alpine3.19
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 13/alpine3.19
Tags: 13.15-alpine3.20, 13-alpine3.20, 13.15-alpine, 13-alpine
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, riscv64, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 13/alpine3.20
Tags: 13.15-bullseye, 13-bullseye
@@ -48,12 +48,12 @@ Directory: 14/bookworm
Tags: 14.12-alpine3.19, 14-alpine3.19
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 14/alpine3.19
Tags: 14.12-alpine3.20, 14-alpine3.20, 14.12-alpine, 14-alpine
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, riscv64, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 14/alpine3.20
Tags: 14.12-bullseye, 14-bullseye
@@ -68,12 +68,12 @@ Directory: 15/bookworm
Tags: 15.7-alpine3.19, 15-alpine3.19
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 15/alpine3.19
Tags: 15.7-alpine3.20, 15-alpine3.20, 15.7-alpine, 15-alpine
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, riscv64, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 15/alpine3.20
Tags: 15.7-bullseye, 15-bullseye
@@ -88,12 +88,12 @@ Directory: 16/bookworm
Tags: 16.3-alpine3.19, 16-alpine3.19, alpine3.19
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 16/alpine3.19
Tags: 16.3-alpine3.20, 16-alpine3.20, alpine3.20, 16.3-alpine, 16-alpine, alpine
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, riscv64, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 16/alpine3.20
Tags: 16.3-bullseye, 16-bullseye, bullseye
@@ -108,12 +108,12 @@ Directory: 17/bookworm
Tags: 17beta1-alpine3.19
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 17/alpine3.19
Tags: 17beta1-alpine3.20, 17beta1-alpine
Architectures: amd64, arm32v6, arm32v7, arm64v8, i386, ppc64le, riscv64, s390x
-GitCommit: 3a7be2f3213ce6e0f13f6a01b927d86aa53d9539
+GitCommit: 3e9b4eaaebf00d7a8ece67f02e2d6546402f4de7
Directory: 17/alpine3.20
Tags: 17beta1-bullseye
diff --git a/postgres_12-alpine/Dockerfile b/postgres_12-alpine/Dockerfile
index 74d5277..f1caf31 100644
--- a/postgres_12-alpine/Dockerfile
+++ b/postgres_12-alpine/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -135,7 +164,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_12-alpine/docker-ensure-initdb.sh b/postgres_12-alpine/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_12-alpine/docker-ensure-initdb.sh
+++ b/postgres_12-alpine/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_12-alpine/docker-entrypoint.sh b/postgres_12-alpine/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_12-alpine/docker-entrypoint.sh
+++ b/postgres_12-alpine/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_12-alpine3.19/Dockerfile b/postgres_12-alpine3.19/Dockerfile
index ecc8522..eb46f0f 100644
--- a/postgres_12-alpine3.19/Dockerfile
+++ b/postgres_12-alpine3.19/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -135,7 +164,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_12-alpine3.19/docker-ensure-initdb.sh b/postgres_12-alpine3.19/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_12-alpine3.19/docker-ensure-initdb.sh
+++ b/postgres_12-alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_12-alpine3.19/docker-entrypoint.sh b/postgres_12-alpine3.19/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_12-alpine3.19/docker-entrypoint.sh
+++ b/postgres_12-alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_13-alpine/Dockerfile b/postgres_13-alpine/Dockerfile
index eb373d2..567da31 100644
--- a/postgres_13-alpine/Dockerfile
+++ b/postgres_13-alpine/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -135,7 +164,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_13-alpine/docker-ensure-initdb.sh b/postgres_13-alpine/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_13-alpine/docker-ensure-initdb.sh
+++ b/postgres_13-alpine/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_13-alpine/docker-entrypoint.sh b/postgres_13-alpine/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_13-alpine/docker-entrypoint.sh
+++ b/postgres_13-alpine/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_13-alpine3.19/Dockerfile b/postgres_13-alpine3.19/Dockerfile
index 962b528..39a2352 100644
--- a/postgres_13-alpine3.19/Dockerfile
+++ b/postgres_13-alpine3.19/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -135,7 +164,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_13-alpine3.19/docker-ensure-initdb.sh b/postgres_13-alpine3.19/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_13-alpine3.19/docker-ensure-initdb.sh
+++ b/postgres_13-alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_13-alpine3.19/docker-entrypoint.sh b/postgres_13-alpine3.19/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_13-alpine3.19/docker-entrypoint.sh
+++ b/postgres_13-alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_14-alpine/Dockerfile b/postgres_14-alpine/Dockerfile
index a577a1f..dc839d7 100644
--- a/postgres_14-alpine/Dockerfile
+++ b/postgres_14-alpine/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -138,7 +167,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_14-alpine/docker-ensure-initdb.sh b/postgres_14-alpine/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_14-alpine/docker-ensure-initdb.sh
+++ b/postgres_14-alpine/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_14-alpine/docker-entrypoint.sh b/postgres_14-alpine/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_14-alpine/docker-entrypoint.sh
+++ b/postgres_14-alpine/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_14-alpine3.19/Dockerfile b/postgres_14-alpine3.19/Dockerfile
index 74f2c53..461318e 100644
--- a/postgres_14-alpine3.19/Dockerfile
+++ b/postgres_14-alpine3.19/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -138,7 +167,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_14-alpine3.19/docker-ensure-initdb.sh b/postgres_14-alpine3.19/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_14-alpine3.19/docker-ensure-initdb.sh
+++ b/postgres_14-alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_14-alpine3.19/docker-entrypoint.sh b/postgres_14-alpine3.19/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_14-alpine3.19/docker-entrypoint.sh
+++ b/postgres_14-alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_15-alpine/Dockerfile b/postgres_15-alpine/Dockerfile
index 1fac96c..79b20ac 100644
--- a/postgres_15-alpine/Dockerfile
+++ b/postgres_15-alpine/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -141,7 +170,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_15-alpine/docker-ensure-initdb.sh b/postgres_15-alpine/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_15-alpine/docker-ensure-initdb.sh
+++ b/postgres_15-alpine/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_15-alpine/docker-entrypoint.sh b/postgres_15-alpine/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_15-alpine/docker-entrypoint.sh
+++ b/postgres_15-alpine/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_15-alpine3.19/Dockerfile b/postgres_15-alpine3.19/Dockerfile
index 0a34e0d..2f249aa 100644
--- a/postgres_15-alpine3.19/Dockerfile
+++ b/postgres_15-alpine3.19/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -141,7 +170,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_15-alpine3.19/docker-ensure-initdb.sh b/postgres_15-alpine3.19/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_15-alpine3.19/docker-ensure-initdb.sh
+++ b/postgres_15-alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_15-alpine3.19/docker-entrypoint.sh b/postgres_15-alpine3.19/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_15-alpine3.19/docker-entrypoint.sh
+++ b/postgres_15-alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_17beta1-alpine/Dockerfile b/postgres_17beta1-alpine/Dockerfile
index 39375a0..f23096b 100644
--- a/postgres_17beta1-alpine/Dockerfile
+++ b/postgres_17beta1-alpine/Dockerfile
@@ -14,7 +14,35 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -139,7 +167,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_17beta1-alpine/docker-ensure-initdb.sh b/postgres_17beta1-alpine/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_17beta1-alpine/docker-ensure-initdb.sh
+++ b/postgres_17beta1-alpine/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_17beta1-alpine/docker-entrypoint.sh b/postgres_17beta1-alpine/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_17beta1-alpine/docker-entrypoint.sh
+++ b/postgres_17beta1-alpine/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_17beta1-alpine3.19/Dockerfile b/postgres_17beta1-alpine3.19/Dockerfile
index 4d6c3d6..14ae82d 100644
--- a/postgres_17beta1-alpine3.19/Dockerfile
+++ b/postgres_17beta1-alpine3.19/Dockerfile
@@ -14,7 +14,35 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -139,7 +167,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_17beta1-alpine3.19/docker-ensure-initdb.sh b/postgres_17beta1-alpine3.19/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_17beta1-alpine3.19/docker-ensure-initdb.sh
+++ b/postgres_17beta1-alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_17beta1-alpine3.19/docker-entrypoint.sh b/postgres_17beta1-alpine3.19/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_17beta1-alpine3.19/docker-entrypoint.sh
+++ b/postgres_17beta1-alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_alpine/Dockerfile b/postgres_alpine/Dockerfile
index 1620037..b7606c5 100644
--- a/postgres_alpine/Dockerfile
+++ b/postgres_alpine/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -140,7 +169,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_alpine/docker-ensure-initdb.sh b/postgres_alpine/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_alpine/docker-ensure-initdb.sh
+++ b/postgres_alpine/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_alpine/docker-entrypoint.sh b/postgres_alpine/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_alpine/docker-entrypoint.sh
+++ b/postgres_alpine/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_alpine3.19/Dockerfile b/postgres_alpine3.19/Dockerfile
index 09fb413..f949bbb 100644
--- a/postgres_alpine3.19/Dockerfile
+++ b/postgres_alpine3.19/Dockerfile
@@ -14,7 +14,36 @@ RUN set -eux; \
mkdir -p /var/lib/postgresql; \
chown -R postgres:postgres /var/lib/postgresql
-# su-exec (gosu-compatible) is installed further down
+# grab gosu for easy step-down from root
+# https://github.com/tianon/gosu/releases
+ENV GOSU_VERSION 1.17
+RUN set -eux; \
+ \
+ apk add --no-cache --virtual .gosu-deps \
+ ca-certificates \
+ dpkg \
+ gnupg \
+ ; \
+ \
+ dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+ wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+ wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+ \
+# verify the signature
+ export GNUPGHOME="$(mktemp -d)"; \
+ gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+ gpgconf --kill all; \
+ rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+ \
+# clean up fetch dependencies
+ apk del --no-network .gosu-deps; \
+ \
+ chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+ gosu --version; \
+ gosu nobody true
+RUN set -eux; ln -svf gosu /usr/local/bin/su-exec; su-exec nobody true # backwards compatibility (removed in PostgreSQL 17+)
# make the "en_US.UTF-8" locale so postgres will be utf-8 enabled by default
# alpine doesn't require explicit locale-file generation
@@ -140,7 +169,6 @@ RUN set -eux; \
apk add --no-cache --virtual .postgresql-rundeps \
$runDeps \
bash \
- su-exec \
tzdata \
zstd \
# https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.16.0#ICU_data_split
diff --git a/postgres_alpine3.19/docker-ensure-initdb.sh b/postgres_alpine3.19/docker-ensure-initdb.sh
index 2a97586..ae1f6b6 100755
--- a/postgres_alpine3.19/docker-ensure-initdb.sh
+++ b/postgres_alpine3.19/docker-ensure-initdb.sh
@@ -27,7 +27,7 @@ docker_setup_env
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory
diff --git a/postgres_alpine3.19/docker-entrypoint.sh b/postgres_alpine3.19/docker-entrypoint.sh
index 8163d10..6f59993 100755
--- a/postgres_alpine3.19/docker-entrypoint.sh
+++ b/postgres_alpine3.19/docker-entrypoint.sh
@@ -310,7 +310,7 @@ _main() {
docker_create_db_directories
if [ "$(id -u)" = '0' ]; then
# then restart script as postgres user
- exec su-exec postgres "$BASH_SOURCE" "$@"
+ exec gosu postgres "$BASH_SOURCE" "$@"
fi
# only run initialization on an empty data directory Relevant Maintainers: |
yosifkit
approved these changes
Jun 19, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes:
su-exec
withgosu
postgres#1246 from infosiftr/su-noexecsu-exec
withgosu