By: Mohan Venkataramana user 10 Apr 2019 at 12:12 p.m. CDT

1 Response
Mohan Venkataramana gravatar
Gluu document states it has to be running as a root account. However, keeping a program running unattended in an account logged in as root in production seems to be a security risk. Is there a way I can run a gluu server in production in a more secure way? Thanks, Mohan.

By Aliaksandr Samuseu staff 10 Apr 2019 at 3 p.m. CDT

Aliaksandr Samuseu gravatar
Hi, Mohan. It's not possible for now, at least for Gluu Server CE (I believe some future plans of implementing this feature in other flavours of it were discussed before; may be my colleagues will be able to expand on this). Just wanted to note that the actual backend services accessible from outside world are not running under root user (at least, they shouldn't). You can verify this by yourself by moving into container and running `# ps -aux | grep -i 'java\|httpd'` command. Most of them run under `jetty` user, OpenDJ is under `ldap` and Apache is under `apache`. You need to be a root to start, stop and access container, for maintenance purposes only.