Add Docker workaround to avoid user mapping reqirement #1704
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This comes out of recent experiences over on CaSILE with new Git and Docker security measures. The effective user ID stuff is perfect for CaSILE that operates primarily on repositories not files, so writing as the directory owner almost always will make sense. I'm not so sure it is a match for SILE, hence the draft status. It might be better to actually parse the arguments passed to SILE to find the input file(s), then check their ownership. This would necessitate some extra logic to handle cases without an input file but with
-o
for output. Also we can do some debugging and see if we have any ENV information available now that we didn't have before, but this should get the process started before I forget how it works.