Of Stack

Implementation that the Docker command enables ordinary users to execute

  • 2021-10-25 08:19:32
  • OfStack

After installing docker1, there will be docker user group

Step 2, add the current user to the docker group 


sudo gpasswd -a ${USER} docker

Step 3: Restart docker 


sudo systemctl restart docker

Step 4: Grant read and write permissions 


sudo chmod a+rw /var/run/docker.sock

Add: Non-root users do not have permission to use docker

Prompt no permission when running docker run

Official documentation for installing docker on centos

The docker user group has been created automatically when installing docker-ce, but users need to be added to the docker user group manually 


$ sudo usermod -aG docker $USER

Or $sudo usermod-aG docker {specify username}

But I still prompt no permission after adding users to the docker user group

For example, I want to run bash on ubuntu 14.04: 


[hsowan@localhost shell-workspace]$ docker run -it --rm ubuntu:14.04 bash
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.38/containers/create: dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.

why? The reason is that although the user has joined the docker user group, he has not switched to the docker user group at present, so he still has no permission

If a user belongs to multiple user groups at the same time, the user can switch between user groups to have permissions from other user groups. 


$ newgrp docker

You can now execute docker-related commands under non-root users

Besides adding user groups to users, what else can you do to enable non-root users to execute docker-related commands?

ok, let's check the permissions under 1/var/run/docker. sock 


$ sudo ll /var/run/docker.sock

The following results will be obtained: 


srw-rw----. 1 root docker 0 Sep 22 15:29 /var/run/docker.sock

So now directly modify the/var/run/docker. sock permissions 


$ sudo chmod 666 /var/run/docker.sock

You can now run docker under non-root users 


$ docker run -it --rm ubuntu:14.04 bash
root@5c60abab6425:/# cat /etc/os-release 
NAME="Ubuntu"
VERSION="14.04.5 LTS, Trusty Tahr"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 14.04.5 LTS"
VERSION_ID="14.04"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
root@5c60abab6425:/# exit
exit
Related articles: