Although this post is tempted to be closed for many I should ask what I am doing wrong since I am getting crazy and can't find a solution.
I have installed Docker in Fedora 24 and everything seems to be fine but I can't run docker command without sudo and that's annoying (at least for me).
I am logged as a normal user (non-root) and as soon as I run a command I can see this message:
$ docker ps
Cannot connect to the Docker daemon. Is the docker daemon running on this host?
However if I run only docker I can see a list of possible commands :-\
I've followed this guide and I read also a lot (here is a small list):
http://bsaunder.github.io/2014/12/21/running-docker-without-sudo/
Running Docker as non-root user
How to run docker image as a non-root user?
But certainly I am missing something, can any illuminate me? What I am missing here? I know the problem become user has not permissions to /var/run/docker.sock but what's the fix?
Running docker to get the list of commands doesn't use a connection to the daemon, which is why you can run it as non-root.
Have you added your user to the docker group?
sudo usermod -aG docker <my-user>
If you do that, next time you log in you should be able to use the docker CLI without sudo. But beware that the docker group has root privileges, so this is a convenience but not a security improvement.
Related
This question already has answers here:
How to fix docker: Got permission denied issue
(33 answers)
Closed 1 year ago.
I was just getting started with docker, and I run this:
docker pull redis
and I get a permission denied error. It turns out, docker writes to /var/* directories, which requires permission to write. and so many other docker commands also require something like:
sudo docker ***
Now, I don't really like the notion of add root privileges to every docker command.(It might be because I just don't know docker much yet, but that's true with every program). Is this a requirement by docker?
If it is not required, then how do I configure it so that it is much like other programs, that only ask me privileges when they need to, all the pulling, running commands would just write to my normal directories or run from them, not from a system directory.
EDIT: my concern was, if docker was allowed access to system files, meaning, it has some embedded scipt that had a potential harm to the computer, and it executed when I ran the docker. Since, I give it root privileges, the script could do anything. Would adding it to the user group instead of sudo fix that?
By default Docker runs an always-on daemon on your system which requires root privileges (Experimental non-root Docker support exists though).
The common approach is to add your User to the docker group which allows you to run docker without having to sudo: https://docs.docker.com/engine/install/linux-postinstall/
sudo usermod -aG docker $USER
newgrp docker
If you are interested in non-root Docker the following might be interesting:
https://podman.io/
https://docs.docker.com/engine/security/rootless/
You are not probably part of docker group as user. You could try post-installations steps mentioned on here.
Create group docker:
sudo groupadd docker
Add user to the group
sudo usermod -aG docker $USER
Reload changes:
newgrp docker
I've really tried tons of solvings but nothing work for me . Maybe because I use WSL for window (ubuntu 18.04) , but I'm not sure . Pls if someone solved this issue . let me know
My ubuntu data:
I've used this tutorial for installation, but also earlier I was using official tutorial , but it give me the same issue:
https://linuxize.com/post/how-to-install-and-use-docker-on-ubuntu-18-04/
The issue is most likely that you are trying to use docker as a standard user who doesn't belong to the docker group, instead as root.
First, check whether the service is indeed running with systemctl status docker.service.
If the service is running, try to run the same container, but as root.
If it's working as root, then just add your user to the docker group, and that's it. usermod -a -G docker andreyradkevich
I used docker extensively for a couple of years now and we always just added the user to the docker group to use the client.
Recently, on a ubuntu 18.04 using a docker 18.09 I need to call newgrp docker in each shell before I get access to the docker socket!?!
Why like this? It sucks!
This is needed within a jenkins container. the easy workaround is to do a usermod -g docker jenkins inside the container. However, this was NOT necessary one year ago :(
Recently, on a ubuntu 18.04 using a docker 18.09 I need to call newgrp docker in each shell before I get access to the docker socket!?!
Have you logged out and back in again, since adding yourself to the docker group?
This is needed within a jenkins container. the easy workaround is to do a usermod -g docker jenkins inside the container. However, this was NOT necessary one year ago :(
Provided you mount the Docker socket into your Jenkins container, this should not be required. Which user does Jenkins run as?
I'm currently trying to finish a Vagrantfile to be used as a docker host by other Vagrantfiles running the docker provider (https://www.vagrantup.com/docs/docker/).
I am using centos/atomic-host as a base box. The problem is that when I run vagrant up I get:
A Docker command executed by Vagrant didn't complete successfully!
The command run along with the output from the command is shown
below.
Command: "docker" "ps" "-a" "-q" "--no-trunc"
Stderr: Cannot connect to the Docker daemon. Is the docker daemon running on this host?
And this is due to the vagrant user not being part of the docker group. I solve this by adding this to my Vagrantfile:
# Add user vagrant to docker group
$docker_group = <<-DOCKER_GROUP
groupadd docker
usermod -a -G docker vagrant
systemctl restart docker
DOCKER_GROUP
config.vm.provision "docker_group", type: "shell", privileged: true, inline: $docker_group
I still get the exception above the first time I run vagrant up but it works from the second time onwards. The reason I suspect is that after adding the vagrant user to the docker group I need to logout/login for the changes to take effect.
For the record, I tried adding newgrp docker at the end of the my $docker_group script but it doesn't solve the problem. I suspect the docker provider starts a separate session.
Anybody found a solution for this?
I am not aware of Vagrantfile, but what I understand from your question is that you need some way to refresh a user's group without having to re-login.
If that's the case, the following points may help you:
Why not just su to the user again: you may just login in to the user again, and all the user's group will be updated.
Or you may try the this approach Legooolas has mentiones.
I hardly think the problem you mentioned is with the Vagrantfile, it's just the way it is. To update user's configurations, you need to re-login with the user. Still, if you wish to find a way, the above two might help you out.
I am new to the world Docker'm having trouble running the first time.
The facility was quiet, however there trying to check existing container, it shows the following message:
Can not connect to the Docker daemon. Is the running daemon docker on this host?
I've done the start of the daemon to the test reported in the docker documentation I tested is normal and prowling, however to continue the steps displays the message reported above.
By default, the docker command runs for its own group or root users. Make sure you type prefix the command you're using with sudo. Alternatively, you can add your current user to the docker group by running sudo usermod -aG docker $USER.
Source: the official documentation.