背景简介
配置非 root 用户执行 doker 权限,提高容器安全性。
环境配置
- 系统:Debian 6.1.66-1 (2023-12-09) x86_64 GNU/Linux
- Docker 27.5.1
详细步骤
第一步: 创建用户 【参考笔记】
第二步: 将用户添加至 docker 组
root@pega-minikube-poc:~# usermod -aG docker myserver
第三步: 切换到非root用户,例如我的是 myserver
root@pega-minikube-poc:~# su myserver
myserver@pega-minikube-poc:/root$
第四步: 运行 docker 指令查看配置是否生效
myserver@pega-minikube-poc:/root$ docker version
Client: Docker Engine - Community
Version: 27.5.1
API version: 1.47
Go version: go1.22.11
Git commit: 9f9e405
Built: Wed Jan 22 13:41:17 2025
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 27.5.1
API version: 1.47 (minimum version 1.24)
Go version: go1.22.11
Git commit: 4c9b3b0
Built: Wed Jan 22 13:41:17 2025
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.7.25
GitCommit: bcc810d6b9066471b0b6fa75f557a15a1cbf31bb
runc:
Version: 1.2.4
GitCommit: v1.2.4-0-g6c52b3f
docker-init:
Version: 0.19.0
GitCommit: de40ad0
myserver@pega-minikube-poc:/root$ docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
如出现
permission denied,则使用非root账号重新登陆或者重启 Linux 服务器后尝试即可myserver@pega-minikube-poc:/root$ docker version Client: Docker Engine - Community Version: 27.5.1 API version: 1.47 Go version: go1.22.11 Git commit: 9f9e405 Built: Wed Jan 22 13:41:17 2025 OS/Arch: linux/amd64 Context: default permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.47/version": dial unix /var/run/docker.sock: connect: permission denied
以上便是本文的全部内容,感谢您的阅读。