linux capabilities to read environment variables?

I’d like to run a service as a non-privileged user, but it needs to bind to a system port number (i.e. less than 1024), so I give it setcap ‘cap_net_bind_service=+ep’ <path for service>, all good. Problem is, on startup, the service reads environment vars and for some reason it can’t do that when it has […]

linux capabilities to read environment variables?

I’d like to run a service as a non-privileged user, but it needs to bind to a system port number (i.e. less than 1024), so I give it setcap ‘cap_net_bind_service=+ep’ <path for service>, all good. Problem is, on startup, the service reads environment vars and for some reason it can’t do that when it has […]

linux capabilities to read environment variables?

I’d like to run a service as a non-privileged user, but it needs to bind to a system port number (i.e. less than 1024), so I give it setcap ‘cap_net_bind_service=+ep’ <path for service>, all good. Problem is, on startup, the service reads environment vars and for some reason it can’t do that when it has […]

Categories
Mastering Development System & Network

Kill and remove container and its dependencies in docker-compose

Do I get it right that it is impossible to remove a tree of depending containers in docker-compose, unless it is not the complete project? I have one basic service all other containers depend on and I want to remove and to start all other containers, while keeping the main service running. However, on startup, […]

Categories
Development

How to replace the static keystore with a dynamic one for a spring-boot-application

I want to add/replace SSL certificates dynamically to my spring boot (tomcat) application without the need to restart it. I have a long way to go still, but currently I am stuck with a javax.crypto.BadPaddingException and don’t know why. So here is what I am trying to do. First, I am defining my own TomcatServletWebServerFactoryin […]