Implementation that the Docker command enables ordinary users to execute
- 2021-10-25 08:19:32
- OfStack
After installing docker1, there will be docker user group
Step 2, add the current user to the docker group
sudo gpasswd -a ${USER} docker
Step 3: Restart docker
sudo systemctl restart docker
Step 4: Grant read and write permissions
sudo chmod a+rw /var/run/docker.sock
Add: Non-root users do not have permission to use docker
Prompt no permission when running docker run
Official documentation for installing docker on centos
The docker user group has been created automatically when installing docker-ce, but users need to be added to the docker user group manually
$ sudo usermod -aG docker $USER
Or $sudo usermod-aG docker {specify username}
But I still prompt no permission after adding users to the docker user group
For example, I want to run bash on ubuntu 14.04:
[hsowan@localhost shell-workspace]$ docker run -it --rm ubuntu:14.04 bash
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.38/containers/create: dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.
why? The reason is that although the user has joined the docker user group, he has not switched to the docker user group at present, so he still has no permission
If a user belongs to multiple user groups at the same time, the user can switch between user groups to have permissions from other user groups.
$ newgrp docker
You can now execute docker-related commands under non-root users
Besides adding user groups to users, what else can you do to enable non-root users to execute docker-related commands?
ok, let's check the permissions under 1/var/run/docker. sock
$ sudo ll /var/run/docker.sock
The following results will be obtained:
srw-rw----. 1 root docker 0 Sep 22 15:29 /var/run/docker.sock
So now directly modify the/var/run/docker. sock permissions
$ sudo chmod 666 /var/run/docker.sock
You can now run docker under non-root users
$ docker run -it --rm ubuntu:14.04 bash
root@5c60abab6425:/# cat /etc/os-release
NAME="Ubuntu"
VERSION="14.04.5 LTS, Trusty Tahr"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 14.04.5 LTS"
VERSION_ID="14.04"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
root@5c60abab6425:/# exit
exit