Two remarks about the Docker container: Drop root privileges #66
Comments
|
Hi, thanks for suggestions. Dropping the root privilegesThis is probably a good idea, however there are two things that you need to make sure:
--user=99 # or whatever used id you have as an owner of the data folder
-e ROCKET_PORT=8080 -p 80:8080This way you can run your container with non-root user. Now doing this as a default is a bit complicated as it complicates the usage for not so big benefit in many cases. (remember a lot of people run this only internally plus the root user inside the container is already quite limited in what it can do) Also this would break the setup for people already using the image. So I'd probably document the above to explain how to do this if you really want, but leave the root as default. Hope that makes sense. Graceful shutdownI believe this is depending on this issue in the rocket to be resolved. We can change the STOPSIGNAL in the Dockerfile to maybe kill straight away, but it won't be graceful anyways so I'm not sure if that makes sense? I'd say it might be worth doing it now, but we need to monitor the upstream issue to make the shutdown graceful once it's resolved. |
mprasil
added
documentation
|
Many thanks, @mprasil! Running with lower privileges works fine: |
|
I've created the PR to add the info to documentation. As for the graceful shutdown, we can revisit that once the upstream bug is fixed. |
Document running container with lower privileges (fixes #66)
|
Many thanks! |
|
It seems that there is still no gracefull shutdown, |
|
If there is any transaction in progress, then that info might be lost, but the database shouldn't be corrupted by the process getting killed. It's not the best solution, but it'll have to work for now. Rocket's plan for the next release was to update to the next hyper release to enable asynchronous functionality, the blocker for the graceful shutdown is precisely that rocket is using an older hyper version, so hopefully this won't be a problem soon. |
|
Thanks a lot for the update. Currently |
Graceful shutdownGiven #246 I didn't want to open another issue, however I'd like to have an (open) issue to refer to. I had a look and the upstream dependency tree grows to infinity and beyond (even config files!), so I don't think this will be solved (in
seems like a good idea, no reason to block who-knows-what downstream for 10 seconds for no benefit whatsoever. So, it'd be swell if this issue could be reopened for tracking purposes, and the title edited to "graceful shutdown and root privileges" (the latter half, while trivial, kept for search). EDIT: Hm, I only now noticed the close via doc-commit (about root), which is too bad as there's subsequent useful discussion here about the lack of graceful shutdown. Oh well; I suppose my request should then be disregarded. |
|
As you mention, the non-root setup is documented in the wiki: https://github.com/dani-garcia/bitwarden_rs/wiki/Running-the-server-with-non-root-user. About graceful shutdown, that's coming in rockets new version, there's a preview available here: |
Document running container with lower privileges (fixes dani-garcia#66)
I've got two suggestions about @mprasil's Docker container:
docker stopcommand, the container won't stop gracefully but wait to be killed after the default timeout of 10 secs and then quit with a non-zero exit code. Could the container react properly tostopcommands?Many thanks to @mprasil for the container and, of course, @dani-garcia for the Rust implementation!
The text was updated successfully, but these errors were encountered: