Docker Tip #20: Managing Docker without Sudo on Linux
Being able to access the Docker daemon as a non-root user is a quality of life enhancement. Here's how to do it on Linux.
By default when you install Docker on Linux, you can only access the Docker daemon as the
root user, or by using
sudo. It’s really easy to forget to add
sudo when running Docker commands and you really shouldn’t be logged in as
root all the time on a Linux system.
Add a docker group and then add your user to it:
sudo groupadd docker
sudo usermod -aG docker $USER
If you’re on a Linux server you’ll want to log out and then log back in for the changes to take effect. If you’re using Linux on the desktop, log out of your desktop session and then log back in.
I personally do this on my own Linux development box and my production servers.
This works because the Docker daemon binds to a Unix socket which is owned by the
root user. With the above change, it makes the socket accessible by whatever user you happen to be logged in as (that’s what
$USER refers to).
If you want to read up on the security implications of doing this then check out Docker’s documentation related to attack surface.