DEV Community

Cover image for Run docker commands without sudo :))
Mohammad Reza
Mohammad Reza

Posted on

Run docker commands without sudo :))

First create a docker group

sudo groupadd docker
Enter fullscreen mode Exit fullscreen mode

Add the connected user $USER to the docker group

sudo gpasswd -a $USER docker
Enter fullscreen mode Exit fullscreen mode

Done

Log out and log back in so that your group membership is re-evaluated.

If testing on a virtual machine, it may be necessary to restart the virtual machine for changes to take effect.

On a desktop Linux environment such as X Windows, log out of your session completely and then log back in.

On Linux, you can also run the following command to activate the changes to groups:

 newgrp docker 
Enter fullscreen mode Exit fullscreen mode

Top comments (4)

Collapse
 
exadra37 profile image
Paulo Renato

This is convenience over security.

Now if anything escapes from the container to the host it will have root access in your machine, and that is not what you may want.

Collapse
 
azibom profile image
Mohammad Reza

You are right
That is not good idea to use it in our production env but I think we can use it for our local env and make our life easier

Collapse
 
exadra37 profile image
Paulo Renato

Do you use your operating system as the root user? No, you have your unprivileged user ;)

So the same rules must be applied for Docker or any other software that needs sudo.

Please don't put security over convenience, because that is exactly what attackers expect and is how they often compromise production systems.

They first gain access via the developer machine or via testing or staging environments that are not properly secured, because people often just think exactly as you:

but I think we can use it for our local env and make our life easier

Thread Thread
 
azibom profile image
Mohammad Reza

Nice , Thanks a million for sharing your expensive experience