Differences

This shows you the differences between two versions of the page.

--- docker:run_docker_as_non-root_user [2020/05/06 12:36] – peter
+++ docker:run_docker_as_non-root_user [2020/05/13 08:50] (current) – removed peter
@@ Line 1: / Line 1: @@
-====== Docker - Run Docker As Non-root User ======
-<WRAP important>
-**ALERT:**  The problem with this is that it can potentially expose your system to root access.
-Simply run the following and you can read/write to any file as root through /opt/host inside of your docker container.
-<code bash>
-docker run -it -v /:/opt/host debian bash
-</code>
-On a personal system, this isn’t too big of a problem, but in a managed user environment where you don’t want users to have root access or access to private information of other users (ssh keys for example), this can be a big issue.
-</WRAP>
-----
-Create a group called “docker” with the following command:
-<code bash>
-sudo groupadd docker
-</code>
-Next, add your user to the docker group:
-<code bash>
-sudo usermod -aG docker $USER
-</code>
-After adding the user to the docker group, log out and log back in to take effect the changes.
-----
-Just in case, you already ran a few Docker commands with ‘sudo’ permission before adding your user to the Docker group, you will probably see an error something like below.
-<code bash>
-WARNING: Error loading config file: /home/user/.docker/config.json -
-stat /home/user/.docker/config.json: permission denied
-</code>
-The above error message indicates that your ~/.docker/ directory was created with incorrect permissions due to the ‘sudo’ commands. To fix this problem, change this directory ownership and permissions using the following commands:
-<code bash>
-sudo chown "$USER":"$USER" /home/"$USER"/.docker -R
-sudo chmod g+rwx "$HOME/.docker" -R
-</code>
-Log out and log back in for this to take effect.
-If it still doesn’t fix the issue, you might need to remove your ~/.docker/ directory. It will be recreated automatically, but you will lose all custom settings, if there are any.