Resolve the problem that Docker must use sudo operation

The operation steps are as follows

1. Create an docker group: sudo groupadd docker

2. Add the current user to the docker group: sudo gpasswd-a ${USER} docker

3. Restart service: sudo service docker restart

4. Refresh docker members: newgrp-docker

[Note]: It was tested under ubuntu, but other linux were not tested.

Additional: docker installation under linux, and configuration to execute docker without sudo command

Installation

Execute the following command

wget -qO- https://get.docker.com/ | sh

Execute docker without the sudo command

Why do you need to create docker user groups?

The Docker waiting process is bound to an unix socket instead of an TCP port. The default owner of this socket is root, and the other is that the user can access this socket file using the sudo command. For this reason, the docker service processes run as the root account.

To avoid entering sudo every time you run the docker command, you can create an docker user group and add the corresponding users to this group. When the docker process starts, the socket is set to be read and written by users of the docker packet. In this way, as long as the users in the docker group can directly execute the docker command.

Warning: This dockergroup is equivalent to the root account. For details, please refer to this article: Docker Daemon AttackSurface.

1 Log in to the system with an account with sudo privileges.

2 Create an docker packet and add the corresponding users to this packet.

sudo usermod -aG docker your_username

3 Exit, and then log in again so that the permissions can take effect.

4 Make sure you can run the docker command directly.

$ docker run hello-world