40n8.me/baseimage-docker
1
0
Fork 0
mirror of /repos/baseimage-docker.git synced 2025-12-30 08:01:31 +01:00
Code Issues Releases Wiki Activity

Update documentation

Browse Source
This commit is contained in:
Hongli Lai (Phusion) 2014-06-20 11:33:10 +02:00
parent 7ac6795aa5
commit 0302713554
No known key found for this signature in database
GPG Key ID: 2AF96EB85EF4DA0D
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Changelog.md
View File

@ -3,8 +3,10 @@
* Introduced the `docker-bash` tool. This is a shortcut tool for logging into a container using SSH. Usage: `docker-bash <CONTAINER ID>`. See the README for details. * Introduced the `docker-bash` tool. This is a shortcut tool for logging into a container using SSH. Usage: `docker-bash <CONTAINER ID>`. See the README for details.
* Fixed various process waiting issues in `my_init`. Closes GH-27, GH-82 and GH-83. Thanks to André Luiz dos Santos and Paul Annesley. * Fixed various process waiting issues in `my_init`. Closes GH-27, GH-82 and GH-83. Thanks to André Luiz dos Santos and Paul Annesley.
* The `ca-certificates` package is now installed by default. This is because we include `apt-transport-https`, but Ubuntu 14.04 no longer installs `ca-certificates` by default anymore. Closes GH-73. * The `ca-certificates` package is now installed by default. This is because we include `apt-transport-https`, but Ubuntu 14.04 no longer installs `ca-certificates` by default anymore. Closes GH-73.
* Output print by Runit services are now redirected to the Docker logs instead of to proctitle. Thanks to Paul Annesley.
* Container environment variables are now made available to SSH root shells. If you login with SSH through a non-root account, then container environment variables are only made available if that user is a member of the `docker_env` group. Thanks to Bernard Potocki.
* `add-apt-repository` is now installed by default. Closes GH-74. * `add-apt-repository` is now installed by default. Closes GH-74.
* Various minor fixes thanks to yebyen and John Eckhart. * Various minor fixes and contributions thanks to yebyen, John Eckhart, Christoffer Sawicki.
## 0.9.10 (release date: 2014-05-12) ## 0.9.10 (release date: 2014-05-12)

4
README.md
View File

@ -288,7 +288,9 @@ But note that:
<a name="envvar_security"></a> <a name="envvar_security"></a>
#### Security #### Security
Because environment variables can potentially contain sensitive information, `/etc/container_environment` and its Bash and JSON dumps are by default owned by root, and accessible only by docker_env group (so any user added this group will have these variables automatically loaded). If you are sure that your environment variables don't contain sensitive data, then you can relax the permissions on that directory and those files by making them world-readable: Because environment variables can potentially contain sensitive information, `/etc/container_environment` and its Bash and JSON dumps are by default owned by root, and accessible only by the `docker_env` group (so that any user added this group will have these variables automatically loaded).
If you are sure that your environment variables don't contain sensitive data, then you can also relax the permissions on that directory and those files by making them world-readable:
RUN chmod 755 /etc/container_environment RUN chmod 755 /etc/container_environment
RUN chmod 644 /etc/container_environment.sh /etc/container_environment.json RUN chmod 644 /etc/container_environment.sh /etc/container_environment.json