From 71a172070cb697ba2b41a18a8518575f3f22df63 Mon Sep 17 00:00:00 2001
From: Breno <brenoqueirozvds@gmail.com>
Date: Tue, 21 Jan 2025 12:55:19 -0300
Subject: [PATCH 1/2] PRD-369 Fixing permission issues

---
 docker-entrypoint.sh | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 08fd012..036a0ac 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -33,6 +33,8 @@ else
   [ ! -d "$PGDATA" ] && {
     LANG=${LANG:-en_US.utf8} /usr/pgsql-14/bin/initdb -D "$PGDATA" --username "$PGUSER"
   }
+  
+  chown -R "$PGUSER":"$PGUSER" "$PGDATA"
   chmod -R 0700 "$PGDATA"
 
   # internal start of server in order to allow set-up using psql-client

From d6b86a6b26139d23a70b23bec12c765efa2d9eb8 Mon Sep 17 00:00:00 2001
From: Breno <brenoqueirozvds@gmail.com>
Date: Tue, 21 Jan 2025 14:04:57 -0300
Subject: [PATCH 2/2] PRD-369 Removing chgrp permissions

---
 Dockerfile.rocky8    | 2 --
 docker-entrypoint.sh | 5 ++---
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/Dockerfile.rocky8 b/Dockerfile.rocky8
index 50b50d9..8824a6f 100644
--- a/Dockerfile.rocky8
+++ b/Dockerfile.rocky8
@@ -34,9 +34,7 @@ COPY docker-entrypoint.sh /
 COPY check-container /usr/libexec/
 RUN chmod a+xr /docker-entrypoint.sh \
  && usermod -a -G root postgres \
- && chgrp -R root "/var/lib/pgsql/" \
  && chmod g+rwX "/var/lib/pgsql/" \
- && chgrp -R root "/var/run/postgresql" \
  && chmod g+rw "/var/run/postgresql" \
  && chmod ug+x "/usr/libexec/check-container" \
   ;
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 036a0ac..c10671e 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -6,7 +6,7 @@ PGCTL="/usr/pgsql-14/bin/pg_ctl"
 
 if [ -f "${PGDATA}initialized" ]; then
   echo "Database already initialized" 1>&2
-  chmod -R 0700 "$PGDATA"
+  chmod -R 0770 "$PGDATA"
 else
   # REQUIRED VARS CHECK
   [[ -z "${POSTGRESQL_DATABASE}" || "${POSTGRESQL_DATABASE}" == *'"'* ]] && {
@@ -34,8 +34,7 @@ else
     LANG=${LANG:-en_US.utf8} /usr/pgsql-14/bin/initdb -D "$PGDATA" --username "$PGUSER"
   }
   
-  chown -R "$PGUSER":"$PGUSER" "$PGDATA"
-  chmod -R 0700 "$PGDATA"
+  chmod -R 0770 "$PGDATA"
 
   # internal start of server in order to allow set-up using psql-client
   # does not listen on external TCP/IP and waits until start finishes