非root用户如何安装docker？ [英] non-root user how to install docker?

问题描述

我正在使用高性能计算平台的CentOS 6.9系统，我想与非root用户一起使用docker。有没有一种方法可以从源代码构建docker，并且不需要root特权？

I am using a CentOS 6.9 system of High performance computation platform and I wanna use docker with non-root user. Is there a method that I can build docker from source and do not need root privilege?

推荐答案

将docker安装在计算机上时，具有docker访问权限（不一定是root）的用户可以启动容器。特别是，他们可以以特权模式启动容器，从而使容器可以访问所有主机设备。

When docker is installed on a machine, users with docker access (not necessarily root) can start containers. In particular, they can start containers in priviliged mode, giving the container access to all host devices.

更重要的是，有权访问docker的用户可以挂载机器根专有的目录。由于默认情况下，容器内的root用户将有权访问该容器内已安装的root拥有的目录，因此这将允许由非root用户启动的任何Docker容器都可以访问关键机器。

More importantly, A user with access to docker can mount directories owned exclusively by machine root. Since by default, a root user inside the container will have access to mounted root-owned directories inside the container, this will allow any Docker container started by a non-root user to access critical machine stuff.

因此，不允许非root用户安装Docker和启动容器的顺序，因为这可能会损害整个计算机。

Therefore, the sequence of having a non-root user install Docker and start containers should not be allowed as it can compromise the whole machine.

检查此明确的评论来自一个docker维护者。

Check this explicit comment from one of the docker maintainers.

这篇关于非root用户如何安装docker？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！