[CentOS-devel] docker group not exists in rpm

Mon Dec 7 16:29:42 UTC 2015
Jim Perrin <jperrin at centos.org>


On 12/07/2015 10:24 AM, Farkas Levente wrote:
> On 12/07/2015 05:17 PM, Jim Perrin wrote:
>>> ---------------------------
>>> sudo usermod -a -G docker <your-user>
>>> ---------------------------
>>> is this still valid?
>>
>> Yes, but you first have to add the docker group yourself.
>>
>>
>>> or how can an average user run docker without sudo?
>>
>>
>> a simple "groupadd docker" will work, then restart the docker service
>> and add your user to that group.
>>
>> Note, it's *trivial* to escalate this to gain root on the host system,
>> so using the docker group is essentially passwordless sudo.
> 
> but the name of the docker group is somehow hardcoded into docker itself?
> 

Correct.

-- 
Jim Perrin
The CentOS Project | http://www.centos.org
twitter: @BitIntegrity | GPG Key: FA09AD77
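
An added example, not part of the original thread: since membership in the docker group is described above as essentially passwordless sudo, this sketch lists every account that holds it, including accounts whose primary GID is the group's GID. The function name `docker_group_members` and the sample group/passwd contents are constructed for illustration; on a real host the inputs would be /etc/group and /etc/passwd.

```shell
#!/bin/sh
# docker_group_members GROUP_FILE PASSWD_FILE [GROUP_NAME]   (hypothetical helper)
# Prints one account per line, sorted. Returns 2 if the group does not exist,
# which is the state the thread describes right after installing the rpm.
docker_group_members() {
    group_file=$1 passwd_file=$2 name=${3:-docker}
    # Group file format: name:password:gid:member,member,...
    line=$(awk -F: -v g="$name" '$1 == g { print; exit }' "$group_file")
    [ -n "$line" ] || return 2
    gid=$(printf '%s\n' "$line" | cut -d: -f3)
    {
        # Supplementary members listed in field 4 of the group entry.
        printf '%s\n' "$line" | cut -d: -f4 | tr ',' '\n'
        # Accounts whose primary GID matches; these do not appear in field 4.
        awk -F: -v gid="$gid" '$4 == gid { print $1 }' "$passwd_file"
    } | awk 'NF' | sort -u
}

# Constructed sample data (not taken from a real host).
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT
cat > "$sample_dir/group" <<'EOF'
root:x:0:
wheel:x:10:alice
docker:x:988:alice,bob
EOF
cat > "$sample_dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
ci:x:1002:988::/home/ci:/bin/bash
EOF
cat > "$sample_dir/group.nodocker" <<'EOF'
root:x:0:
EOF

if members=$(docker_group_members "$sample_dir/group" "$sample_dir/passwd"); then
    echo "Accounts with root-equivalent access via the docker group:"
    echo "$members"
else
    echo "No docker group defined."
fi
```

Reviewing this list alongside the sudoers configuration treats both as the same privilege level, which matches the caveat in the message above.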