By: Mohan Venkataramana user 10 Apr 2019 at 12:12 p.m. CDT

1 Response

Gluu document states it has to be running as a root account. However, keeping a program running unattended in an account logged in as root in production seems to be a security risk. Is there a way I can run a gluu server in production in a more secure way? Thanks, Mohan.

Debian 9.0

closed

By Aliaksandr Samuseu staff 10 Apr 2019 at 3 p.m. CDT

Copy

Hi, Mohan. It's not possible for now, at least for Gluu Server CE (I believe some future plans of implementing this feature in other flavours of it were discussed before; may be my colleagues will be able to expand on this). Just wanted to note that the actual backend services accessible from outside world are not running under root user (at least, they shouldn't). You can verify this by yourself by moving into container and running `# ps -aux | grep -i 'java\|httpd'` command. Most of them run under `jetty` user, OpenDJ is under `ldap` and Apache is under `apache`. You need to be a root to start, stop and access container, for maintenance purposes only.

You need to Login in order to post an answer

Gluu running as non root user

By: Mohan Venkataramana user 10 Apr 2019 at 12:12 p.m. CDT

Answers

By Aliaksandr Samuseu staff 10 Apr 2019 at 3 p.m. CDT

Post an answer