We use cookies to ensure you get the best experience on our website
Etusivu Tutki Apua
Rekisteröidy Kirjaudu sisään
0ct0pu5
/
moby
1
0
Fork 0
Tiedostot Ongelmat 0 Pull-pyynnöt 0 Wiki
Selaa lähdekoodia

docker-login man/doc add security info

Signed-off-by: Sally O'Malley <somalley@redhat.com>
Sally O'Malley 9 vuotta sitten
vanhempi
05a4cb2221
commit
f9657819cd
2 muutettua tiedostoa jossa 22 lisäystä ja 0 poistoa
Yhdistetty näkymä Näytä diff tilastot
  1. 13 0
      docs/reference/commandline/login.md
  2. 9 0
      man/docker-login.1.md

+ 13 - 0
docs/reference/commandline/login.md
Näytä tiedosto 

@@ -25,3 +25,16 @@ adding the server name.
 
 
 
     example:
 
     example:
 
     $ docker login localhost:8080
 
     $ docker login localhost:8080
 
+
 
+
 
+`docker login` requires user to use `sudo` or be `root`, except when: 
+
 
+1.  connecting to a remote daemon, such as a `docker-machine` provisioned `docker engine`.
 
+2.  user is added to the `docker` group.  This will impact the security of your system; the `docker` group is `root` equivalent.  See [Docker Daemon Attack Surface](https://docs.docker.com/articles/security/#docker-daemon-attack-surface) for details. 
+
 
+You can log into any public or private repository for which you have
 
+credentials.  When you log in, the command stores encoded credentials in
 
+`$HOME/.docker/config.json` on Linux or `%USERPROFILE%/.docker/config.json` on Windows.
 
+
 
+> **Note**:  When running `sudo docker login` credentials are saved in `/root/.docker/config.json`.
 
+>

+ 9 - 0
man/docker-login.1.md
Näytä tiedosto 

@@ -18,10 +18,18 @@ Register or log in to a Docker Registry located on the specified
 
 do not specify a `SERVER`, the command uses Docker's public registry located at
 
 do not specify a `SERVER`, the command uses Docker's public registry located at
 
 `https://registry-1.docker.io/` by default.  To get a username/password for Docker's public registry, create an account on Docker Hub.
 
 `https://registry-1.docker.io/` by default.  To get a username/password for Docker's public registry, create an account on Docker Hub.
 
 
 
+`docker login` requires user to use `sudo` or be `root`, except when: 
+
 
+1.  connecting to  a remote daemon, such as a `docker-machine` provisioned `docker engine`.
 
+2.  user is added to the `docker` group.  This will impact the security of your system; the `docker` group is `root` equivalent.  See [Docker Daemon Attack Surface](https://docs.docker.com/articles/security/#docker-daemon-attack-surface) for details. 
+
 
 You can log into any public or private repository for which you have
 
 You can log into any public or private repository for which you have
 
 credentials.  When you log in, the command stores encoded credentials in
 
 credentials.  When you log in, the command stores encoded credentials in
 
 `$HOME/.docker/config.json` on Linux or `%USERPROFILE%/.docker/config.json` on Windows.
 
 `$HOME/.docker/config.json` on Linux or `%USERPROFILE%/.docker/config.json` on Windows.
 
 
 
+> **Note**: When running `sudo docker login` credentials are saved in `/root/.docker/config.json`.
 
+>
 
+
 
 # OPTIONS
 
 # OPTIONS
 
 **-e**, **--email**=""
 
 **-e**, **--email**=""
 
    Email
 
    Email
 
@@ -49,3 +57,4 @@ April 2014, Originally compiled by William Henry (whenry at redhat dot com)
 
 based on docker.com source material and internal work.
 
 based on docker.com source material and internal work.
 
 June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
 
 June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
 
 April 2015, updated by Mary Anthony for v2 <mary@docker.com>
 
 April 2015, updated by Mary Anthony for v2 <mary@docker.com>
 
+November 2015, updated by Sally O'Malley <somalley@redhat.com>

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5