April 10, 2017

Docker and Sudo

Docker and Sudo

Docker is a privileged command that only the root or system administrator can run. In order to use docker, you have to be root or a superuser. However, from a security point of view it's best practice to login in as a non-root user and elevate your privileges to root only when needed to administer the system.

The sudo command allows a non-root user to run commands reserved only for root. Depending on your Docker host configuration, you may be required to prepend docker commands with sudo:


To avoid this, particularly in a non-production environment, add a user to the docker group. Users that are part of the docker group can use docker without having to prepend sudo. E.g. edit the /etc/group file and a update the line:

docker:x:999: to docker:x:999:user

where user is the username of a user on the system. To add multiple users delimit each name with a comma. Docker can then be run without prepending sudo.

 

No comments:

Post a Comment