on a VPS running BigBlueButton which includes Docker, I was asked to add several containers to host more services. I noticed a very strange problem when installing Murmur through a modified version of this docker-compose, affecting both the keys created by Let's Encrypt for the domain name and the folders created by the docker-compose itself :
the files are not owned by root or the administrator account as they should be but they're owned by a system user, red5.
The folder of the docker-compose:
drwxr-xr-x 5 ubuntu ubuntu 4.0K Jul 20 11:47 .
drwxr-xr-x 8 ubuntu ubuntu 4.0K Jul 15 14:17 ..
drwxr-xr-x 2 red5 red5 4.0K Jul 20 11:37 config
drwxr-xr-x 2 red5 red5 4.0K Jul 20 11:37 data
-rw-r--r-- 1 ubuntu ubuntu 514 Jul 20 11:47 docker-compose.yml
drwxr-xr-x 2 red5 red5 4.0K Jul 20 11:37 log
The folder of the keys:
[...]
drwxr-xr-x 2 root root 4.0K Jun 26 14:30 **************************
drwxr-xr-x 2 red5 red5 4.0K Jul 20 11:37 mumble.*******************
And the keys inside are of course owned by red5.
I tried to check the /etc/passwd file, here's red5's line:
red5:x:999:999:red5 user-daemon:/usr/share/red5:/bin/false
It's pretty much as it should be, the only thing I noticed is that its UID and GID are 999, while the admin account is 1000 and the root account 0. Could it be some weird kind of bug ?
I also checked my docker-compose and the Dockerfile of murmur, everything is fine I think. The keys/cert/nginx config as well as the container and related folders were removed and rebuilt. Still the same.
The logs of letsencrypt, docker show nothing when grepped with "red5" and syslog as well as red5 only show legitimate action with bigbluebutton.
Thank you for your help, I'm quite puzzled (and a little bit paranoid too). I'd tend to be in favour of rebuilding the server from scratch as it is some kind of an intern's lab-experimentation gradually turned into a production server anyway.
