
This tutorial I will show you how to enter docker command without using sudo command on Ubuntu Linux machine.
If you use Docker for testing and development on your local machine, you probably experienced of those messages.
$ docker run hello-world
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.27/containers/json: dial unix /var/run/docker.sock: connect: permission denied
You would probably circumvent this by using sudo before docker command or logging as root using su. But it does not have to be that way. It is possible to run as normal user, and there are two ways. One is to add your user to docker group and another is to allow it to write to Unix socket used by docker. We are going to show both ways to do this in on Ubuntu 18.04 LTS.
1) Adding user to the docker group
Create new group if it does not exist. This command will likely fail as group maybe already exist, but let's run it anyways.
sudo groupadd docker
Next we need to add current user to the group.
sudo gpasswd -a $USER docker
If you don't want to add currently logged in user, but instead some other, you change $USER for the username of that user. Note that user must be allowed to use sudo.
Lastly we need to reload shell in order to have new group settings applied. For this you can reboot or you can log out and log back in, but both are nuke approaches when you actually want something more subtle so lets instead do this command
newgrp docker
Now we are ready to run docker test program without sudo
docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
ca4f61b1923c: Pull complete
Digest: sha256:97ce6fa4b6cdc0790cda65fe7290b74cfebd9fa0c9b8c38e979330d547d22ce1
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
2) ACL lists
There is another way to do this, and that is ACL lists.
Still logged in as sudoer user we need to run this command
sudo setfacl -m user:bobby:rw /var/run/docker.sock
Off course, change bobby for your actual user who you want to use docker.
Now you can log in as this user.
su bobby
Now we can use docker, for example enter this command
docker ps
It should list containers if you have some. If not, at least it won't show you permission denied error.
Read Also :
That is it, two ways to have docker without sudo. It will save you typing and make using docker faster. Thank you for reading, and let us know in the comments if know any other options.
Hello Mihajlo,
Letting users (or yourself) use docker without sudo is a security risk, which needs to be understood beforehand since it allows you to gain root privileges very easily.
Any code you execute as your local user can gain root privileges without you knowing, and this is not something people usually know.
I wrote a blog post about this risk: https://medium.com/@msuixo/linux-users-running-docker-without-sudo-is-dangerous-3e5c5654abea
No longer works with Ubuntu 20.04 LTS
Hi Tyguy,
Which method did you follow and what error you are getting?
ACL no longer included by default in Ubuntu Server 20.04, if you follow the second method needs to install acl
$ sudo apt install acl