docker需要root用户启动守护进程

docker需要root用户启动守护进程

[root@yang ~]# useradd yang

[root@yang ~]# usermod -a -G docker yang

[root@yang ~]# id yang
uid=1002(yang) gid=1002(yang) 组=1002(yang),994(docker)
[root@yang ~]# groups yang
yang : yang docker

# 使用root用户停止docker
[root@yang ~]# systemctl stop docker
Warning: Stopping docker.service, but it can still be activated by:
  docker.socket


# 切到yang用户
[root@yang ~]# su - yang

# 尝试启动docker
[yang@yang ~]$ systemctl start docker
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to manage system services or units. # 管理系统服务或单元需要身份验证
Authenticating as: root # 身份验证为：root
Password: # 需要输入root密码才能启动docker

# 使用sudo
[yang@VM-0-13-centos ~]# echo 'yang   ALL=(ALL)       ALL'  >> /etc/sudoers

[yang@VM-0-13-centos ~]$ sudo systemctl start docker
[yang@VM-0-13-centos ~]$ docker ps
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied

[yang@VM-0-13-centos ~]$ id yang
uid=1003(yang) gid=1003(yang) groups=1003(yang)
[yang@VM-0-13-centos ~]$ 
[yang@VM-0-13-centos ~]$ sudo usermod -aG docker yang # 不是必需的
[yang@VM-0-13-centos ~]$ 
[yang@VM-0-13-centos ~]$ id yang
uid=1003(yang) gid=1003(yang) groups=1003(yang),992(docker) 
[yang@VM-0-13-centos ~]$ 
[yang@VM-0-13-centos ~]$ sudo chmod 777 /var/run/docker.sock # 必需的
[yang@VM-0-13-centos ~]$ 
[yang@VM-0-13-centos ~]$ docker ps
CONTAINER ID   IMAGE          COMMAND                  CREATED       STATUS         PORTS     NAMES
bd38f456a9c8   mysql:5.7.34   "docker-entrypoint.s…"   2 weeks ago   Up 3 minutes             mysql5.7
[yang@VM-0-13-centos ~]$