You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Heroku-24 isn't yet available, however, I was curious what impact this user change will have on our existing CNBs, so backported equivalent changes to Heroku-22 in this builder repo branch: heroku/cnb-builder-images@main...edmorley/split-user-test
DOCUMENT_ROOT changed to 'web/'
Assuming 512MB of RAM
PHP memory_limit is 128M Bytes
Starting php-fpm with 4 workers...
Starting httpd...
(13)Permission denied: AH00091: httpd: could not open error log file /layers/heroku_php/webservers/var/apache2/log/error_log.
AH00015: Unable to open logs
Process exited unexpectedly: httpd, shutting down...
Stopping php-fpm gracefully...
Shutdown complete.
The CNB should configure Apache to write the logs to /tmp or $HOME (both of which are guaranteed by the spec to be writeable at runtime, unlike /layers or the app directory).
Note: Even if we decide not to use separate users for Heroku-24, other platforms already use separate users (or read-only /layers), so our buildpacks need to handle this case.
The text was updated successfully, but these errors were encountered:
The upstream CNB spec now states that the build and run images should use different Linux users:
https://github.com/buildpacks/spec/blob/main/platform.md#run-image
https://github.com/buildpacks/rfcs/blob/main/text/0085-run-uid.md
As such, for Heroku-24 we've switched to using the
heroku-build
user for the build, and theheroku
user for the run image:https://github.com/heroku/base-images/blob/6af6d3a1b20b684402691b59f9bb360766935f97/heroku-24/setup.sh#L200-L201
Heroku-24 isn't yet available, however, I was curious what impact this user change will have on our existing CNBs, so backported equivalent changes to Heroku-22 in this builder repo branch:
heroku/cnb-builder-images@main...edmorley/split-user-test
The CI run for it shows the issue for the PHP CNB:
https://github.com/heroku/cnb-builder-images/actions/runs/8326016245/job/22780888755
The CNB should configure Apache to write the logs to
/tmp
or$HOME
(both of which are guaranteed by the spec to be writeable at runtime, unlike/layers
or the app directory).Note: Even if we decide not to use separate users for Heroku-24, other platforms already use separate users (or read-only
/layers
), so our buildpacks need to handle this case.The text was updated successfully, but these errors were encountered: