Running Docker Without Sudo on Ubuntu 14.04

Running docker without sudo on Ubuntu 14.04

Group changes don't take effect immediately in the currently logged in session. Your options include:

  1. Log out then log back in
  2. Start a new login session (for bash this is with the bash -l command)

Docker not working without sudo in Ubuntu 22.04

If you installed Docker Desktop first, then removed it and installed the Docker Engine, you may need to switch the Docker context with this command:

docker context use default

Because Docker Desktop switches context before startups and shutdowns not to interfere Docker Engine. So context might be kept incorrectly after removing Docker Desktop. A related article: https://www.howtogeek.com/devops/how-to-troubleshoot-cannot-connect-to-the-docker-daemon-errors/

Tips on getting docker to work without having to run `sudo docker -d` on Ubuntu 15.04

Did u checked this http://docs.docker.com/articles/systemd/? This helped me to start docker under Ubunu 15.04.

How to fix docker: Got permission denied issue

If you want to run docker as non-root user then you need to add it to the docker group.

  1. Create the docker group if it does not exist
$ sudo groupadd docker

  1. Add your user to the docker group.
$ sudo usermod -aG docker $USER

  1. Log in to the new docker group (to avoid having to log out / log in again; but if not enough, try to reboot):
$ newgrp docker


  1. Check if docker can be run without root
$ docker run hello-world

Reboot if still got error

$ reboot

Warning

The docker group grants privileges equivalent to the root user. For details on how this impacts security in your system, see Docker Daemon Attack Surface..

Taken from the docker official documentation:
manage-docker-as-a-non-root-user

using docker-compose without sudo doesn't work

sudo chmod a+x /usr/local/bin/docker-compose

Will turn your permissions on.

docker-compose is just a wrapper, and it uses an external docker daemon, the same way the docker command doesn't actually run anything but gives an order to a docker daemon.

You can change the docker daemon you communicate with using the DOCKER_HOST variable. By default, it is empty ; and when it is empty, both docker and docker-compose assume it is located at /var/run/docker.sock

According to the dockerd documentation :

By default, a unix domain socket (or IPC socket) is created at /var/run/docker.sock, requiring either root permission, or docker group membership.

And this is enforced by giving read and write access to the docker group to the socket.

$ ls -l /var/run/docker.sock 
srw-rw---- 1 root docker 0 nov.  15 19:54 /var/run/docker.sock

As described in https://docs.docker.com/engine/install/linux-postinstall/, to add an user to the docker group, you can do it like that :

sudo usermod -aG docker $USER # this adds the permissions
newgrp docker # this refreshes the permissions in the current session

That being said, using docker with sudo is the same as using it with the docker group, because giving acces to the /var/run/docker.sock is equivalent to giving full root acces:

From https://docs.docker.com/engine/install/linux-postinstall/

The docker group grants privileges equivalent to the root user. For details on how this impacts security in your system, see Docker Daemon Attack Surface.

If root permission is a security issue for your system, another page is mentioned :

To run Docker without root privileges, see Run the Docker daemon as a non-root user (Rootless mode).

docker is composed of multiple elements : https://docs.docker.com/get-started/overview/

First, there are clients :

$ type docker
docker is /usr/bin/docker
$ dpkg -S /usr/bin/docker
docker-ce-cli: /usr/bin/docker

You can see that the docker command is installed when you install the docker-ce-cli package.

Here, ce stands for community edition.

The docker cli communicates with the docker daemon, also known as dockerd.

dockerd is a daemon (a server) and exposes by default the unix socket /var/run/docker.sock ; which default permissions are root:docker.

There are other components involved, for instance dockerd uses containerd : https://containerd.io/

The rest is basic linux permission management :

  • operating the docker daemon is the same as having root permission on that machine.
  • to operate the docker daemon, you need to be able to read and write from and to the socket it listens to ; in your case it is /var/run/docker.sock. whether or not you are a sudoer does not change anything to that.
  • to be able to read and write to and from /var/run/docker.sock, you must either be root or being in the docker group.
  • docker-compose is another cli it has the same requirements as docker.

Installing Docker.io on Ubuntu 14.04LTS

Evidently the docker daemon is not running. You wanna check /etc/default/docker.conf for proper configuration and issue

sudo service docker.io start

or

sudo service docker start

depending on how they called the service


Related Topics

Reading Kernel Memory Using a Module

Insufficient Permission Pushing to Git Shared Repo Over Smart Http

Detect If Interface Is in Promiscuous Mode with C

How to Identify Padding Scheme Used in Rsa Signature of a Certificate, Using Openssl

How to Convert Absolute Path to Relative in C Linux

In Linux, How to Do System Calls Through Gnu Arm Assembly

Nvcc Cuda Cross Compiling Cannot Find "-Lcudart"

Proxmox with Opnsense as Firewall/Gw - Routing Issue

Why Can't Bash Recognize The Existence of a Socket File

Sanity Check Ssh Public Key

Why Does Utf-8 Text Sort in Different Order Between Os X and Linux

Linux - Change The Hostname in The Cli

Emacs/Xterm Color Annoyance on Linux

Why Is Cygwin So Slow

How to Copy Symbolic Link File from Linux to Windows and Then Back to Linux But Still Keeping It as a Symbolic Link

Sort a File Based on a Column in Another File

Date -D Not Working on Mac

Replace Strings with Evaluated String Based on Matched Group (Elegant Way, Not Using for .. In)


Leave a reply



Submit