
Security issue with sudo

Open rooch84 opened this issue 7 years ago • 3 comments

I'm not convinced it's the best approach to give the remote user sudo access to all commands without a password, especially when the user has password-free ssh access via rsa.

Is it possible to list the commands required by the remote user, so we can specifically add them to the sudo list? In fact, do they require anything other than docker commands? In which case adding the user to the docker group should be enough to run without sudo.

I'd be interested to hear people's thoughts on this.

rooch84 avatar Oct 18 '17 08:10 rooch84

Yes. Most of all: we just don't have root permission on many deploy servers. We could ask the sysadmin to install docker for our clients but they won't ever give us full root permission.

I'd really appreciate it if we had the option to:

  1. use an existing docker, install an image by ourselves and then use that or
  2. add the user to the docker group and only permit specific commands or
  3. have an option that works locally (I deploy meteor out of a single directory, no root permission needed (except for the proxy to port 80))

I'd much prefer option 3, but I realize you have committed to the docker approach.

In any case, I think this would be a much needed improvement for everyone using this in a real-world production scenario and not just on their own test servers or root servers.

yorrd avatar Dec 03 '17 13:12 yorrd

I would like to reduce the use of sudo. The two main uses are:

  1. Every docker command is prefixed with sudo since some people use mup with a non-root user that isn't part of the docker group.
  2. When creating directories in /opt. Mup then runs chown to change their owner to the user mup is using.

For 1), I am thinking of requiring the user to be part of the docker group in Mup 2.

zodern avatar Jul 16 '18 16:07 zodern
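
An added example, not part of the thread and not Meteor Up code: a small Python check that reads the sudoers rules for a deploy account and flags passwordless entries that are still root-equivalent, covering the blanket rule the issue describes and the docker and /opt uses listed above. The account name `deploy`, the `/opt/myapp` path and the binary paths are assumptions, and the sample rules are constructed.

```python
import re

# Constructed sudoers lines; "deploy", "/opt/myapp" and the binary paths are assumptions.
SAMPLE = """\
deploy ALL=(ALL) NOPASSWD: ALL
deploy ALL=(root) NOPASSWD: /usr/bin/docker
deploy ALL=(root) NOPASSWD: /bin/mkdir -p /opt/myapp, /bin/chown deploy /opt/*
deploy ALL=(root) /usr/bin/systemctl restart nginx
%admin ALL=(ALL) ALL
"""

RULE = re.compile(r"^(\S+)\s+\S+\s*=\s*(?:\([^)]*\)\s*)?(.+)$")
TAG = re.compile(r"^(\w+):\s*")


def audit(text, user):
    """Return (line_no, finding, command) for passwordless sudo rules of `user`."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        m = RULE.match(raw.strip())
        if raw.lstrip().startswith("#") or not m or m.group(1) != user:
            continue
        nopasswd = False
        for spec in m.group(2).split(","):
            spec = spec.strip()
            # Tags such as NOPASSWD: stay in effect for later commands in the list.
            while (t := TAG.match(spec)):
                if t.group(1) in ("NOPASSWD", "PASSWD"):
                    nopasswd = t.group(1) == "NOPASSWD"
                spec = spec[t.end():]
            if not nopasswd:
                continue  # a password is still required, out of scope here
            binary, _, args = spec.partition(" ")
            if spec == "ALL":
                findings.append((no, "blanket-root", spec))
            elif binary.rsplit("/", 1)[-1] == "docker":
                # Control of the Docker daemon is root-equivalent on the host.
                findings.append((no, "root-equivalent", spec))
            elif "*" in args or "?" in args:
                # sudoers wildcards in arguments also match "/" and spaces.
                findings.append((no, "wildcard-args", spec))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE, "deploy"):
        print(finding)
```

The `root-equivalent` finding applies equally to membership of the docker group, so narrowing sudo to docker reduces the command surface but not the privilege level of the account.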

Any news on this? I'd like to avoid giving users full root permissions.

RorFis avatar Jan 21 '22 15:01 RorFis