Hi Jean,
yes, I guess you are right that currently there is no mechanism to do
this and as there is no strong reason to not have it, it would be great
to bring the Dockerfile forward here.
What comes to my mind in this context: Such changes could lead to
incompatibilities/problems with the ownership on data (i.e. existing
geoserver data dirs), but I'd be really happy to find a backward
compatible solution.
So feel free to open a PR with such changes. We can discuss it then on
github.
Best regards
Nils
On 9/10/24 09:36, Jean Pommier wrote:
Hi,
From what I can see in
https://github.com/geoserver/docker/blob/master/Dockerfile, there is
no mechanism in place in the geoserver docker image to support running
it as non-privileged user.
Is there a strong reason why not ? This is usually considered a good
practice not to run the docker containers as root, if it can be prevented.
The geOrchestra geoserver image, for instance, runs as uid 999. But it
is not using tomcat (uses jetty), which might change a bit the
context, I no expert on tomcat, but I believe this should not be too
complicated to set up.
I'd gladly spend some time working on the feature, if you see no
objection to it and think it would be of interest.
Best
Jean
--
*Jean Pommier -- pi-Geosolutions*
Ingénieur, consultant indépendant
Tél. : (+33) 6 09 23 21 36
E-mail : j...@pi-geosolutions.fr
Web : www.pi-geosolutions.fr <http://www.pi-geosolutions.fr>
linkedin : jean-pommier <https://www.linkedin.com/in/jean-pommier/>
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
