From d7be0b140da5e9ccddd0eab818e89e088ab1d5ef Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Tue, 21 Apr 2015 15:24:42 -0600
Subject: [PATCH] Change permissions handling to be more conservative

This allows things like bind-mounting into `/var/www/html/wp-content/themes/example` and not clobbering host permissions, making theme development and testing much simpler (change PHP file on host, reload page, etc).
---
 apache/Dockerfile           | 3 ++-
 apache/docker-entrypoint.sh | 4 ++--
 docker-entrypoint.sh        | 4 ++--
 fpm/Dockerfile              | 3 ++-
 fpm/docker-entrypoint.sh    | 4 ++--
 5 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/apache/Dockerfile b/apache/Dockerfile
index aee31a0208..754c1834ca 100644
--- a/apache/Dockerfile
+++ b/apache/Dockerfile
@@ -18,7 +18,8 @@ ENV WORDPRESS_SHA1 9e9745bb8a1166622de866076eac73a49cb3eba0
 RUN curl -o wordpress.tar.gz -SL https://wordpress.org/wordpress-${WORDPRESS_UPSTREAM_VERSION}.tar.gz \
 	&& echo "$WORDPRESS_SHA1 *wordpress.tar.gz" | sha1sum -c - \
 	&& tar -xzf wordpress.tar.gz -C /usr/src/ \
-	&& rm wordpress.tar.gz
+	&& rm wordpress.tar.gz \
+	&& chown -R www-data:www-data /usr/src/wordpress
 
 COPY docker-entrypoint.sh /entrypoint.sh
 
diff --git a/apache/docker-entrypoint.sh b/apache/docker-entrypoint.sh
index a93ba803cb..6b79b517a9 100755
--- a/apache/docker-entrypoint.sh
+++ b/apache/docker-entrypoint.sh
@@ -56,6 +56,7 @@ if ! [ -e index.php -a -e wp-includes/version.php ]; then
 			</IfModule>
 			# END WordPress
 		EOF
+		chown www-data:www-data .htaccess
 	fi
 fi
 
@@ -70,6 +71,7 @@ if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROT
 }
 
 EOPHP
+	chown www-data:www-data wp-config.php
 fi
 
 set_config() {
@@ -140,6 +142,4 @@ if (!$mysql->query('CREATE DATABASE IF NOT EXISTS `' . $mysql->real_escape_strin
 $mysql->close();
 EOPHP
 
-chown -R www-data:www-data .
-
 exec "$@"
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index a93ba803cb..6b79b517a9 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -56,6 +56,7 @@ if ! [ -e index.php -a -e wp-includes/version.php ]; then
 			</IfModule>
 			# END WordPress
 		EOF
+		chown www-data:www-data .htaccess
 	fi
 fi
 
@@ -70,6 +71,7 @@ if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROT
 }
 
 EOPHP
+	chown www-data:www-data wp-config.php
 fi
 
 set_config() {
@@ -140,6 +142,4 @@ if (!$mysql->query('CREATE DATABASE IF NOT EXISTS `' . $mysql->real_escape_strin
 $mysql->close();
 EOPHP
 
-chown -R www-data:www-data .
-
 exec "$@"
diff --git a/fpm/Dockerfile b/fpm/Dockerfile
index 9e827b8f52..9dbc3bec45 100644
--- a/fpm/Dockerfile
+++ b/fpm/Dockerfile
@@ -16,7 +16,8 @@ ENV WORDPRESS_SHA1 9e9745bb8a1166622de866076eac73a49cb3eba0
 RUN curl -o wordpress.tar.gz -SL https://wordpress.org/wordpress-${WORDPRESS_UPSTREAM_VERSION}.tar.gz \
 	&& echo "$WORDPRESS_SHA1 *wordpress.tar.gz" | sha1sum -c - \
 	&& tar -xzf wordpress.tar.gz -C /usr/src/ \
-	&& rm wordpress.tar.gz
+	&& rm wordpress.tar.gz \
+	&& chown -R www-data:www-data /usr/src/wordpress
 
 COPY docker-entrypoint.sh /entrypoint.sh
 
diff --git a/fpm/docker-entrypoint.sh b/fpm/docker-entrypoint.sh
index a93ba803cb..6b79b517a9 100755
--- a/fpm/docker-entrypoint.sh
+++ b/fpm/docker-entrypoint.sh
@@ -56,6 +56,7 @@ if ! [ -e index.php -a -e wp-includes/version.php ]; then
 			</IfModule>
 			# END WordPress
 		EOF
+		chown www-data:www-data .htaccess
 	fi
 fi
 
@@ -70,6 +71,7 @@ if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROT
 }
 
 EOPHP
+	chown www-data:www-data wp-config.php
 fi
 
 set_config() {
@@ -140,6 +142,4 @@ if (!$mysql->query('CREATE DATABASE IF NOT EXISTS `' . $mysql->real_escape_strin
 $mysql->close();
 EOPHP
 
-chown -R www-data:www-data .
-
 exec "$@"