search

poanetwork / deployment-azure

Azure Templates for deploying POA Network to on Azure Cloud
MIT License
7 stars 12 forks source link

Rights and folders #9

Closed phahulin closed 7 years ago

phahulin commented 7 years ago

By default azure downloads and runs installation script in /var/lib/waagent/custom-script/download/0/ under root. By default root doesn't have a password, i.e. you can run sudo any-command without password.

  1. Should we move all necessary files to /home/$ADMIN_USERNAME and change files ownership to $ADMIN_USERNAME?
  2. Should we make a password for sudo and ask it in cloud UI?
  3. Should we run docker as non-root that is still equivalent to root?
igorbarinov commented 7 years ago
  1. It will be easier for validators to move their files from /home when they will upgrade or migrate instances. It makes sense to move data
  2. Don't see a reason to do so. The admin user equals to root.
  3. Let's run as a non-root user.
phahulin commented 7 years ago

These are all resolved now as we've switched to parity binary and start all services as non-root user.