From 089bafa5d46893cd2a3c5cd82c0a3743555becf9 Mon Sep 17 00:00:00 2001
From: Shane McDonald <me@shanemcd.com>
Date: Mon, 4 Nov 2019 11:01:08 -0500
Subject: [PATCH] Set setuid bit on bwrap

Related: https://github.com/ansible/awx/issues/5224
---
 installer/roles/image_build/templates/Dockerfile.j2 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/installer/roles/image_build/templates/Dockerfile.j2 b/installer/roles/image_build/templates/Dockerfile.j2
index 64d712546e..2b31d41935 100644
--- a/installer/roles/image_build/templates/Dockerfile.j2
+++ b/installer/roles/image_build/templates/Dockerfile.j2
@@ -116,6 +116,9 @@ RUN for dir in /home/awx /var/log/tower /var/log/nginx /var/lib/nginx; \
 RUN for file in /etc/passwd /var/run/nginx.pid; \
   do touch $file; chmod -R g+rwx $file; chgrp -R root $file; done
 
+# https://github.com/ansible/awx/issues/5224
+RUN chmod u+s /usr/bin/bwrap
+
 VOLUME /var/lib/nginx
 RUN ln -sf /dev/stdout /var/log/nginx/access.log \
     && ln -sf /dev/stderr /var/log/nginx/error.log