1berry/docker-cli
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docker-login man/doc add security info

Browse Source 
Signed-off-by: Sally O'Malley <somalley@redhat.com>
This commit is contained in:
Sally O'Malley 2015-11-02 17:20:38 -05:00 committed by Tibor Vass
parent e1f83cb82b
commit d6bac18914
2 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
docs/reference/commandline/login.md
View File

@ -25,3 +25,16 @@ adding the server name.
example: example:
$ docker login localhost:8080 $ docker login localhost:8080
`docker login` requires user to use `sudo` or be `root`, except when:
1. connecting to a remote daemon, such as a `docker-machine` provisioned `docker engine`.
2. user is added to the `docker` group. This will impact the security of your system; the `docker` group is `root` equivalent. See [Docker Daemon Attack Surface](https://docs.docker.com/articles/security/#docker-daemon-attack-surface) for details.
You can log into any public or private repository for which you have
credentials. When you log in, the command stores encoded credentials in
`$HOME/.docker/config.json` on Linux or `%USERPROFILE%/.docker/config.json` on Windows.
> **Note**: When running `sudo docker login` credentials are saved in `/root/.docker/config.json`.
>

9
man/docker-login.1.md
View File

@ -18,10 +18,18 @@ Register or log in to a Docker Registry located on the specified
do not specify a `SERVER`, the command uses Docker's public registry located at do not specify a `SERVER`, the command uses Docker's public registry located at
`https://registry-1.docker.io/` by default. To get a username/password for Docker's public registry, create an account on Docker Hub. `https://registry-1.docker.io/` by default. To get a username/password for Docker's public registry, create an account on Docker Hub.
`docker login` requires user to use `sudo` or be `root`, except when:
1. connecting to a remote daemon, such as a `docker-machine` provisioned `docker engine`.
2. user is added to the `docker` group. This will impact the security of your system; the `docker` group is `root` equivalent. See [Docker Daemon Attack Surface](https://docs.docker.com/articles/security/#docker-daemon-attack-surface) for details.
You can log into any public or private repository for which you have You can log into any public or private repository for which you have
credentials. When you log in, the command stores encoded credentials in credentials. When you log in, the command stores encoded credentials in
`$HOME/.docker/config.json` on Linux or `%USERPROFILE%/.docker/config.json` on Windows. `$HOME/.docker/config.json` on Linux or `%USERPROFILE%/.docker/config.json` on Windows.
> **Note**: When running `sudo docker login` credentials are saved in `/root/.docker/config.json`.
>
# OPTIONS # OPTIONS
**-e**, **--email**="" **-e**, **--email**=""
Email Email
@ -49,3 +57,4 @@ April 2014, Originally compiled by William Henry (whenry at redhat dot com)
based on docker.com source material and internal work. based on docker.com source material and internal work.
June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au> June 2014, updated by Sven Dowideit <SvenDowideit@home.org.au>
April 2015, updated by Mary Anthony for v2 <mary@docker.com> April 2015, updated by Mary Anthony for v2 <mary@docker.com>
November 2015, updated by Sally O'Malley <somalley@redhat.com>