From ab05e3f381eac95bccd0d39a73c985339d1d6906 Mon Sep 17 00:00:00 2001
From: Ivan Savcic <ivans@vast.com>
Date: Mon, 4 Nov 2024 18:11:00 +0100
Subject: [PATCH] Fix /tmp/modsecurity/* permissions so nginx workers can write
 to them

---
 openresty/Dockerfile-alpine | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/openresty/Dockerfile-alpine b/openresty/Dockerfile-alpine
index f1e38da..b261065 100644
--- a/openresty/Dockerfile-alpine
+++ b/openresty/Dockerfile-alpine
@@ -236,8 +236,9 @@ RUN set -eux; \
     mkdir /var/log/nginx; \
     mkdir -p /tmp/modsecurity/data; \
     mkdir -p /tmp/modsecurity/upload; \
-    mkdir -p /tmp/modsecurity/tmp; \ 
+    mkdir -p /tmp/modsecurity/tmp; \
     mkdir -p /usr/local/modsecurity; \
+    chown -R nobody:nobody /tmp/modsecurity; \
     # Comment out the SecDisableBackendCompression option since it is not supported in V3
     sed -i 's/^\(SecDisableBackendCompression .*\)/# \1/' /usr/local/openresty/nginx/templates/modsecurity.d/modsecurity-override.conf.template; \
     ln -s /usr/local/modsecurity/lib/libmodsecurity.so.${MODSEC3_VERSION} /usr/local/modsecurity/lib/libmodsecurity.so.3.0; \