Docker container is running as privileged user?
Added by Bluewhale1502, over 5 years ago
Hi there,
we are about to migrate to the Docker/Kubernetes platform. For security reasons, we do not allow containers to run as a privileged user. However, when using the "user: app" directive to let the container run as user app (which seems to own most of the processes), the container refuses to start with the following message:
chown: changing ownership of '/tmp/tmp.OhyH3jj8gx': Operation not permitted
I checked by starting it in privileged mode, and there seem to be two such temp files.
One belongs to root:root and one to postgres:root.
It would be nice if the Docker container were assembled in such a way that it supports running in unprivileged mode.
If someone has already fixed it by deriving from that container (openproject/community:7.4.7 to 8.2.1), I would be glad to hear about it.
Cheers
Stefan