docker-library
/
docs
mirror of https://github.com/docker-library/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #175 from md5/jetty-user-setuid 

Document use of `setuid` module and user `jetty`
This commit is contained in:
yosifkit 2015-03-03 08:25:27 -08:00
parent 3ab3cf1f34 57b29ca97e
commit a8e245a749
2 changed files with 22 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
jetty/README.md
View File

@ -28,13 +28,22 @@ You can then go to `http://localhost:8888` or `http://host-ip:8888` in a browser
The default Jetty environment in the image is:
JETTY_HOME = /usr/local/jetty
JETTY_BASE = /var/lib/jetty
JETTY_CONF = /usr/local/jetty/etc/jetty.conf
JETTY_STATE = /usr/local/jetty/jetty.state
JETTY_STATE = /var/lib/jetty/jetty.state
JETTY_ARGS =
JAVA_OPTIONS =
TMPDIR = /tmp
Webapps can be [deployed](https://wiki.eclipse.org/Jetty/Howto/Deploy_Web_Applications) in `/usr/local/jetty/webapps`.
Webapps can be [deployed](https://wiki.eclipse.org/Jetty/Howto/Deploy_Web_Applications) in `/var/lib/jetty/webapps`.
# Security
By default, this image starts as user `root` and uses Jetty's `setuid` module to drop privileges to user `jetty` after initialization. The `JETTY_BASE` directory at `/var/lib/jetty` is owned by `jetty:jetty` (uid 999, gid 999).
If you would like the image to start immediately as user `jetty` instead of starting as `root`, you can start the container with `-u jetty`:
docker run -d -u jetty jetty:9
# License

13
jetty/content.md
View File

@ -21,10 +21,19 @@ You can then go to `http://localhost:8888` or `http://host-ip:8888` in a browser
The default Jetty environment in the image is:
JETTY_HOME = /usr/local/jetty
JETTY_BASE = /var/lib/jetty
JETTY_CONF = /usr/local/jetty/etc/jetty.conf
JETTY_STATE = /usr/local/jetty/jetty.state
JETTY_STATE = /var/lib/jetty/jetty.state
JETTY_ARGS =
JAVA_OPTIONS =
TMPDIR = /tmp
Webapps can be [deployed](https://wiki.eclipse.org/Jetty/Howto/Deploy_Web_Applications) in `/usr/local/jetty/webapps`.
Webapps can be [deployed](https://wiki.eclipse.org/Jetty/Howto/Deploy_Web_Applications) in `/var/lib/jetty/webapps`.
# Security
By default, this image starts as user `root` and uses Jetty's `setuid` module to drop privileges to user `jetty` after initialization. The `JETTY_BASE` directory at `/var/lib/jetty` is owned by `jetty:jetty` (uid 999, gid 999).
If you would like the image to start immediately as user `jetty` instead of starting as `root`, you can start the container with `-u jetty`:
docker run -d -u jetty jetty:9