Skip to main content
M
mattr35369017
Participating Frequently
August 11, 2022
Question

ColdFusion 2021 Docker container runas non-root user

  • August 11, 2022
  • 2 replies
  • 680 views

Hi,

Running the ColdFusion 2021 or 2018 Docker containers only seem to work as root.

Could this be verified? Anyone else having the same issue?

 

Using the out of box cfuser account fails - Docker logs:

 

"Updating webroot to /app
cp: cannot create regular file '/app/crossdomain.xml': Permission denied"

And:

"You must be root to start ColdFusion."

 

Stripped down Dockerfile I'm using:

FROM adobecoldfusion/coldfusion2021:latest
USER root
COPY /src /app
EXPOSE 8500
USER cfuser
 
I've also tried creating a group and user account with permissions on /app as specified in the 2021 lockdown guide - no dice
 
Wondering if there's an issue with the start-coldfusion.sh file maybe? Any help appreciated
 
Cheers,
 
Matt

 

    This topic has been closed for replies.

    2 replies

    Priyank Shrivastava.
    Community Manager
    Priyank Shrivastava.Community Manager
    Community Manager
    August 15, 2022

    Hi Matt, 

     

    There is a bug logged for this - https://tracker.adobe.com/#/view/CF-4208722

     

    Thanks, Priyank Shrivastava
      M
      mattr35369017Author
      Participating Frequently
      August 15, 2022

      Thank you, I have posted on the bug page to ask if there was a fix as the bug is marked as withdrawn - the issue is not resolved as far as I can tell

      Priyank Shrivastava.
      Community Manager
      Priyank Shrivastava.Community Manager
      Community Manager
      August 16, 2022

      Hi Matt, that bug is not yet fixed. We have already opened an internal bug long before this one logged. 

       

      I will check if I can make the other bug public so you can track it from there. 

       

      Thanks, Priyank Shrivastava
        B
        brianatvfive
        Participant
        August 12, 2022

        We are running it via commandbox but same thing here. Ours runs but throws errors because the non root user is unable to read/write to stdout and stderr. We don't get any logs as a result. Only bashing into the container and checking can we see. Tried a variety of guidance and none work so far. 

          M
          mattr35369017Author
          Participating Frequently
          August 14, 2022

          Thanks, that's not good news. I noticed someone with a similar error from back in 2014, no solution found then? (cold fusion 10 root access to start stop - Adobe Support Community - 6241609).

          Given that 2018 and 2021 versions have come out since, both with cfuser set up to run as non-root in Linux, for both Docker container and on-premises Linux (according to 2021 Lockdown guide), it should work.

          I'm asking our licensing person if there's a way we can log a ticket to get this looked at. Also getting our Linux SME to take a look. Will post any news here. Cheers.

           

          Terms & ConditionsAccessibility statement
          Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices