Skip to content

Give user an option to run shiny-server as root #391

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 17 commits into
base: master
Choose a base branch
from
Open

Give user an option to run shiny-server as root #391

wants to merge 17 commits into from

Conversation

@haobibo
Copy link

@haobibo haobibo commented Mar 5, 2019

Currently, if the user runs the process of shiny-server in root and defines run_as to root, the shiny-server will abort.
It is possible (and secure) to allow users to run the process in root and run_as root?

@haobibo
Copy link
Author

haobibo commented Mar 5, 2019

@jcheng5 will appreciate it if you can provide any feedback/comments!

@jcheng5
Copy link
Member

jcheng5 commented Apr 17, 2019

I can't in good conscience accept this--the risks are so huge. Is there a reason you can't run as a different user?

@haobibo
Copy link
Author

haobibo commented Apr 17, 2019

Thank you @jcheng5 for your feedback!

I'm running shiny-server inside a Docker container, which isolates all environment inside the container: both file system and processes:https://github.com/QPod/docker-images

I chose to use the root user inside docker for simplicity reasons, where a user can do everything inside the container, and risks are isolated/controlled by docker.

I understand there is un-ignorable risk to run shiny-server as the root user.
While giving users an option can be helpful to users who intended to run shiny-server as root.
Here are some reference cases which provide an --allow-root in other software/programs:

jcheng5 and others added 16 commits May 9, 2019 12:46
@jcheng5
Upgrade Node.js to v10.15.3
4aa3264
@jcheng5
Changes for v10.15.3 compatibility
6d34ca9 
- Buffer constructor is deprecated, use .from and .alloc instead
- Fix v8.h related compiler warnings
@jcheng5
Fix unit tests, upgrade all dependencies
a728fb6
@jcheng5
Merge pull request #393 from rstudio/joe/misc/node-10-15-3
dc19885 
Upgrade Node.js to v10.15.3
@jcheng5
Add "Apache License, Version 2.0" to list of accepted licenses
1a31df3
@jcheng5
Don't include testing dependencies in installer
0ef2952
@alandipert
Merge pull request #394 from rstudio/joe/misc/dev-deps
c14242c 
Exclude testing-related npm packages from installer
@jcheng5
Install all dependencies before running tests
cb6cd72
@alandipert
Merge pull request #395 from rstudio/joe/bugfix/install-dev-deps-befo…
675fd15 
…re-test

Install all dependencies before running tests
@jcheng5
Try to fix build
7992e52
@jcheng5
Don't install all modules from Jenkinsfile, instead from script
42053b7 
The script does a lot of work to set up the right environment
@jcheng5
Still trying to fix the build
62e08c5 
Was running npm from the wrong directory
@jcheng5
oracle-java8-installer no longer available, use openjdk
c120427
@trestletech
Drop support for EOL'd Ubuntu
f03342e 
We're still a couple of week away from dropping Ubuntu 14.04 so holding off on that one. https://www.rstudio.com/about/platform-support/
@haobibo
Give user an option to run shiny-server as root
a3f8982
@haobibo
Merge branch 'patch-1' of github.com:haobibo/shiny-server into patch-1
7740713
@jennybc jennybc mentioned this pull request Sep 29, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@haobibo @jcheng5 @alandipert @trestletech