<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
<div class="moz-cite-prefix">On 11/11/2014 11:00 AM, Joe Brockmeier
wrote:<br>
</div>
<blockquote cite="mid:546232AA.9060100@redhat.com" type="cite">
<pre wrap="">On 11/08/2014 12:40 PM, Aditya Patawari wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Is this a known issue or should I file a bug somewhere?
</pre>
</blockquote>
<pre wrap="">
Are you using root or another use to run containers?
Dan said "You should not be allowing non root users to create docker
containers."
So what's the best practice we want to be pushing here, and is that
possible under the current setup?
Best,
jzb
</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
CentOS-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:CentOS-devel@centos.org">CentOS-devel@centos.org</a>
<a class="moz-txt-link-freetext" href="http://lists.centos.org/mailman/listinfo/centos-devel">http://lists.centos.org/mailman/listinfo/centos-devel</a>
</pre>
</blockquote>
Personally if it is a single user machine and you have sudo setup to
be used without a password, then<br>
set this up also. <br>
<br>
If this is a multi-user system, and you don't want all of your uses
to be able to run as root, then<br>
don't do it. I would recommend just using sudo docker or better yet
build a script that executes a specific<br>
docker command that you user could run.<br>
<br>
dockerstart.sh <br>
docker start foobar <br>
<br>
dockerexec.sh<br>
docker exec -ti foobar /bin/sh<br>
<br>
docker stop.sh<br>
docker stop foobar<br>
<br>
Then setup lines in sudoers to allow specific users to execute these
scripts, only.<br>
</body>
</html>