From 7bababa5646e8cd024fccf1303d5452cbbbd0dd9 Mon Sep 17 00:00:00 2001
From: Son <github@snry.me>
Date: Wed, 15 May 2024 15:26:52 -0400
Subject: [PATCH] supervisord: run sogod.sh as root then step down to sogo user

---
 entrypoint.sh    | 15 ---------------
 sogod.sh         | 19 +++++++++++++++++--
 supervisord.conf |  3 +--
 3 files changed, 18 insertions(+), 19 deletions(-)

diff --git a/entrypoint.sh b/entrypoint.sh
index 684606f..38ae45c 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,20 +1,5 @@
 #!/bin/bash
 
-if [ -z "$LD_PRELOAD" ]; then
-  LIBSSL_LOCATION=$(find / -type f -name "libssl.so.*" -print -quit 2>/dev/null)
-  echo "LD_PRELOAD=$LIBSSL_LOCATION" >> /etc/default/sogo
-  echo "LD_LIBRARY_PATH=/usr/local/lib/sogo:$LD_LIBRARY_PATH" >> /etc/default/sogo
-  export LD_PRELOAD=$LIBSSL_LOCATION
-else
-  echo "LD_PRELOAD=$LD_PRELOAD" >> /etc/default/sogo
-  if [ -z "$LD_LIBRARY_PATH" ]; then
-    echo "LD_LIBRARY_PATH=/usr/local/lib/sogo:/usr/local/lib:/usr/lib" >> /etc/default/sogo
-  else
-    echo "LD_LIBRARY_PATH=/usr/local/lib/sogo:/usr/local/lib:$LD_LIBRARY_PATH" >> /etc/default/sogo
-  fi
-  export LD_PRELOAD=$LD_PRELOAD
-fi
-
 # Set process UID and GID at runtime
 if [ -n "$PUID" ] && [ -n "$PGID" ]; then
   groupmod -g $PGID sogo
diff --git a/sogod.sh b/sogod.sh
index e239895..2ee2127 100644
--- a/sogod.sh
+++ b/sogod.sh
@@ -1,10 +1,25 @@
 #!/bin/bash
 
+if [ -z "$LD_PRELOAD" ]; then
+  LIBSSL_LOCATION=$(find / -type f -name "libssl.so.*" -print -quit 2>/dev/null)
+  echo "LD_PRELOAD=$LIBSSL_LOCATION" >> /etc/default/sogo
+  echo "LD_LIBRARY_PATH=/usr/local/lib/sogo:$LD_LIBRARY_PATH" >> /etc/default/sogo
+  export LD_PRELOAD=$LIBSSL_LOCATION
+else
+  echo "LD_PRELOAD=$LD_PRELOAD" >> /etc/default/sogo
+  if [ -z "$LD_LIBRARY_PATH" ]; then
+    echo "LD_LIBRARY_PATH=/usr/local/lib/sogo:/usr/local/lib:/usr/lib" >> /etc/default/sogo
+  else
+    echo "LD_LIBRARY_PATH=/usr/local/lib/sogo:/usr/local/lib:$LD_LIBRARY_PATH" >> /etc/default/sogo
+  fi
+  export LD_PRELOAD=$LD_PRELOAD
+fi
+
 if [ -f /etc/default/sogo ]; then
     . /etc/default/sogo
 fi
 
-. /lib/lsb/init-functions
 . /usr/share/GNUstep/Makefiles/GNUstep.sh
 
-/usr/local/sbin/sogod -WONoDetach YES -WOLogFile /var/log/sogo/sogo.log
\ No newline at end of file
+# Run SOGo in foreground
+su -s /bin/sh -c '/usr/local/sbin/sogod -WONoDetach YES -WOLogFile /var/log/sogo/sogo.log' sogo
\ No newline at end of file
diff --git a/supervisord.conf b/supervisord.conf
index b33f447..4c24f57 100644
--- a/supervisord.conf
+++ b/supervisord.conf
@@ -6,8 +6,7 @@ logfile_maxbytes=0
 
 [program:sogo]
 command=/opt/sogod.sh
-environment=LD_PRELOAD="%(ENV_LD_PRELOAD)s"
-user=sogo
+user=root
 stdout_logfile=/dev/fd/1
 stdout_logfile_maxbytes=0
 redirect_stderr=true