gluster-containers icon indicating copy to clipboard operation
gluster-containers copied to clipboard
verified publisher icon gluster

how to turn off systemd-logind and systemd-journald processes in this image

Open sa9226 opened this issue 7 years ago • 1 comments

We had some security issue rasied by our security team that processes inside container for systemd-logind and systemd-journald are interfering the nodelevel. How to turn off these? Is it enough to add below to Dockerfile? Please advise.

RUN systemctl disable systemd-journald RUN systemctl disable systemd-logind

sa9226 avatar Feb 03 '19 15:02 sa9226

It is better if you could disable them using : RUN systemctl mask systemd-journald.socket RUN systemctl mask systemd-journald.service

and RUN systemctl mask systemd-logind.service

SaravanaStorageNetwork avatar Feb 04 '19 04:02 SaravanaStorageNetwork