解决非root用户没有权限运行docker命令的问题
前言
最近使用windows11 linux子系统安装daoker后提示:
To run Docker as a non-privileged user, consider setting up the Docker daemon in rootless mode for your user:
dockerd-rootless-setuptool.sh installVisit docs.docker.com/go/rootless… to learn about rootless mode.
To run the Docker daemon as a fully privileged service, but granting >non-root users access, refer to docs.docker.com/go/daemon-a…
WARNING: Access to the remote API on a privileged Docker daemon is equivalent to root access on the host. Refer to the 'Docker daemon attack surface' documentation for details: docs.docker.com/go/attack-s…
解决问题
运行docker命令提示:
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied
feng@real:/var/run$ ll
total 12
drwxr-xr-x 8 root root 240 Feb 15 09:46 ./
drwxr-xr-x 19 root root 4096 Feb 15 09:36 ../
drwxrwxrwx 2 root root 80 Feb 15 09:36 WSL/
drwx------ 6 root root 160 Feb 15 09:46 docker/
-rw-r--r-- 1 root root 5 Feb 15 09:46 docker-ssd.pid
-rw-r--r-- 1 root root 4 Feb 15 09:46 docker.pid
srw-rw---- 1 root docker 0 Feb 15 09:46 docker.sock=
drwxrwxrwt 2 root root 40 Feb 15 09:36 lock/
drwxrwxrwt 2 root root 40 Feb 15 09:36 shm/
drwx--x--x 3 root root 60 Feb 15 09:37 sudo/
drwxr-xr-x 2 root root 40 Feb 15 09:36 user/
-rw------- 1 root root 0 Feb 15 09:46 xtables.lock
答案显而易见,没有访问/var/run/docker.sock的权限,要不用root用户,要不将用户添加到docker的用户组。
方法1: 使用sudo获取管理员权限,运行docker命令,这个方法在通过脚本执行docker命令的时候会有很多局限性
方法2: docker守护进程启动的时候,会默认赋予名为docker的用户组读写Unix socket的权限,因此只要创建docker用户组,并将当前用户加入到docker用户组中,那么当前用户就有权限访问Unix socket了,进而也就可以执行docker相关命令
sudo usermod -a -G docker feng #添加到docker用户组
newgrp docker #更新用户组
结果
feng@real:/var/run$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
