From 099a6d76a52637bc93e1959fb4e4b3941e0060fb Mon Sep 17 00:00:00 2001 From: Paul Date: Fri, 22 Apr 2022 17:47:10 +0200 Subject: [PATCH] add note about custom script/service folders --- general/container-customization.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/general/container-customization.md b/general/container-customization.md index 122835e48c..aa1a6ca52b 100644 --- a/general/container-customization.md +++ b/general/container-customization.md @@ -29,6 +29,8 @@ echo "**** installing ffmpeg ****" apk add --no-cache ffmpeg ``` +**NOTE:** The folder `/config/custom-cont-init.d` needs to be owned by root! If this is not the case, this folder will be renamed and a new (empty) folder will be created. This is to prevent remote code execution by putting scripts in the aforementioned folder. + ## Custom Services There might also be a need to run an additional service in a container alongside what we already package. Similarly to the custom scripts, just create a new directory at `/config/custom-services.d`. The files in this directory should be named after the service they will be running. @@ -43,6 +45,8 @@ Running cron in our containers is now as simple as a single file. Drop this scri **NOTE:** With this example, you will most likely need to have cron installed via a custom script using the technique in the previous section, and will need to populate the crontab. +**NOTE:** The folder `/config/custom-services.d` needs to be owned by root! If this is not the case, this folder will be renamed and a new (empty) folder will be created. This is to prevent remote code execution by putting scripts in the aforementioned folder. + ## Docker Mods In most cases if you needed to write some kind of custom logic to get a plugin to work or to use some kind of popular external service you will not be the only one that finds this logic useful.