Skip to content

10-listen-on-ipv6-by-default.sh breaks read-only container #416

@ginkel

Description

@ginkel

We are running our nginx containers with a read-only FS for security reasons (and mount a tmpfs as /run and /var/cache/nginx). These containers broke last night when mainline was switched to 1.19.0:

/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf
sed: can't create temp file '/etc/nginx/conf.d/default.confXXXXXX': Read-only file system

Not completely sure what the right behavior should be, probably modifying the config file as part of the container build and not at runtime.

Edit: Just noticed that the script in question also has been added to stable, so that's also affected...

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions