使用普通用户管理docker

发表于 更新于 分类于

Docker的Daemon程序绑定到socket文件上(/var/run/docker.sock),而不是tcp端口.因此,默认情况下这个socket文件只能被root用户或者拥有sudo权限的用户访问. Docker daemon总是以root用户运行。

如果你不想总是在docker命令的前边加上sudo,那么可以创建一个名为docker的group,并且将你的用户加入到该组,那么docker daemon启动的时候会创建一个docker组成员可以访问的socket,例如:

1
2
ll /var/run/docker.sock 
srw-rw---- 1 root docker 0 Sep 24 11:24 /var/run/docker.sock

To create the docker group and add your user:

  1. Create the docker group.

    1
    $ sudo groupadd docker

  2. Add your user to the docker group.

    1
    $ sudo usermod -aG docker $USER

  3. Log out and log back in so that your group membership is re-evaluated.
    If testing on a virtual machine, it may be necessary to restart the virtual machine for changes to take effect.
    On a desktop Linux environment such as X Windows, log out of your session completely and then log back in.
    On Linux, you can also run the following command to activate the changes to groups:

    1
    $ newgrp docker