Skip to content

A script for fixing the container group id of docker group to match the same group id of docker group on host.

Notifications You must be signed in to change notification settings

felipecrs/fixdockergid

Repository files navigation

fixdockergid

This adjusts the docker group id on the container to match the docker group id on host, so we can get rid of permission denied errors when we try to access the docker host from a container as a non-root user.

The fixdockergid depends on fixuid to work, and I hope its functionalities gets incorporated in it in the future.

Advantages:

  • No need to start the container as root.
  • Does not require sudo to perform its operations.
  • Convenient install script.

Try it out

I built an image for testing using the Dockerfile and pushed to DockerHub as felipecrs/fixdockergid so you can try it out, just run:

docker run --rm -u "$(id -u):$(id -g)" -v /var/run/docker.sock:/var/run/docker.sock felipecrs/fixdockergid docker run hello-world

And note: you're able to access the docker host from the container as a non-root user. The container's user matches the user on host (thanks to fixuid), and the user on the container is part of the a group which matches the docker group on host.

Install

Just add the following snippet to your Dockerfile, it will also install and configure fixuid for you. This was only tested on ubuntu containers. See: example.Dockerfile.

# You must set USER root in case your Dockerfile switched to another user before
USER root

# Replace with your non-root user name
ARG USERNAME="rootless"
# Replace with a git tag
ARG FIXDOCKERGID_VERSION="0.7.3"

RUN curl -fsSL "https://github.com/felipecrs/fixdockergid/raw/v${FIXDOCKERGID_VERSION}/install.sh" | sh -

ENTRYPOINT [ "fixdockergid" ]

USER ${USERNAME}

About

A script for fixing the container group id of docker group to match the same group id of docker group on host.

Resources

Stars

Watchers

Forks

Sponsor this project