This release is mostly focused at fixing a few small bugs and implementing more restrictive security policies in containers.
An upgrade guide is available here.
- Configurable DNS servers in core configuration for docker containers.
- Bungeecord containers no longer spam up the console with ping information.
container:portin configuration files in place of
127.0.0.1for local resolving (i.e. Bungeecord).
- If an environment variable is set to null don't even send it to the docker container. Fixes unset variable check bug for Spigot building.
- Fixed startup sequence to actually mark status as starting as well as prevent querying server until completely started.
- Root filesystem in containers is now entirely read-only. Container applications can only write to
- Prevent logging server output through docker logging methods. Fixes a potential DoS attack vector (and also saves space).
- Drops the following capabilities from containers:
setfcapin addition to default dropped capabilities.
- Containers are now in isolated networks and unable to directly connect to a container's specific IP address. The daemon will automatically create this network interface on boot.