Update i_u_m_install.md

Dieser Commit ist enthalten in:
André Peters 2020-05-19 15:10:13 +02:00 committet von GitHub
Ursprung 15378e7eb0
Commit 9eb03a0146
Es konnte kein GPG-SchlĂĽssel zu dieser Signatur gefunden werden
GPG-SchlĂĽssel-ID: 4AEE18F83AFDEB23

Datei anzeigen

@ -25,13 +25,15 @@ chmod +x /usr/local/bin/docker-compose
Please use the latest Docker engine available and do not use the engine that ships with your distros repository.
**2\.** Clone the master branch of the repository, make sure your umask equals 0022.
**2\.** Clone the master branch of the repository, make sure your umask equals 0022. Please clone the repository as root user and also control the stack as root. We will modify attributes - if necessary - while boostrapping the containers automatically and make sure everything is secured. The update.sh script must therefore also be run as root. It might be necessary to change ownership and other attributes of files you will otherwise not have access to. **We drop permissions for every exposed application** and will not run an exposed service as root! Controlling the Docker daemon as non-root user does not give you additional security. The unprivileged user will spawn the containers as root likewise. The behaviour of the stack is identical.
```
umask
# 0022
cd /opt
git clone https://github.com/mailcow/mailcow-dockerized
cd mailcow-dockerized
$ su
# umask
0022 # <- Verify it is 0022
# cd /opt
# git clone https://github.com/mailcow/mailcow-dockerized
# cd mailcow-dockerized
```
**3\.** Generate a configuration file. Use a FQDN (`host.domain.tld`) as hostname when asked.