search
HomeOperation and MaintenanceDockerHow to add users to docker
How to add users to dockerApr 19, 2023 am 09:16 AM

Docker is currently a popular container technology, which allows developers to easily build, run and maintain applications. However, when using Docker, you need to pay attention to the permission issues when the container is running. By default, Docker executes containers by using the root user, which may present security risks. Therefore, we need to learn how to add users to Docker, that is, specify the non-root user as the default user.

Why do you need to add users to Docker?

Docker’s security is very important. Especially when we use Docker to host production applications, we must be very careful because application containers may carry sensitive information that can lead to data leakage or corruption. So, in this case, we cannot run the Docker container using the root user. Otherwise, malicious code in any container can access system resources on the host machine, which is very dangerous.

So, in order to solve this problem, we should use non-root users to run Docker containers. This will increase the security of the system and improve our security when using Docker.

How to add users to Docker?

The Docker runtime is set to the root user by default. If we need to specify a non-root user as the default user, we need to follow the following steps:

Step 1: Create a non-root user

We need to create a new non-root user and disable the local root user. We can create a new user using the following command:

$ sudo adduser <username></username>

This command specifies the username of the new user as . Then, follow the prompts to enter your password and other information to create the new user.

Step 2: Add the new user to the docker group

Now, we have created a new non-root user, but we also need to add it to the Docker group to allow the User accesses Docker socket. We can add a user to the docker group using the following command:

$ sudo usermod -aG docker <username></username>

This command adds a new user to the docker group. It is important to note that we must run this command as the root user.

Step 3: Restart the Docker daemon

Next, we need to restart the Docker daemon to enable the new user to access the Docker socket. We can use the following command to restart the Docker daemon:

$ sudo systemctl restart docker

This command will restart the Docker daemon and make the Docker socket accessible to the new user.

Step 4: Configure the Docker service to use the new user

Now, we have added a new user to Docker, but we also need to configure the Docker service to use that user. We can use the following command to edit the Docker system service:

$ sudo vim /etc/systemd/system/multi-user.target.wants/docker.service

This command will open the Docker system service file for editing. In the file, we need to modify the following content:

ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

to:

ExecStart=/usr/bin/dockerd --group docker -H fd:// --containerd=/run/containerd/containerd.sock

This modification configures the Docker service to use the docker group. After saving and closing the file, we need to reload the Docker system service:

$ sudo systemctl daemon-reload
$ sudo systemctl restart docker

Now, we have successfully designated the non-root user as the default user and can run the Docker container.

Summary

Docker is the default setting to use the root user to run containers, which may have security issues. Therefore, we should learn how to add users for Docker and disable the root user. During the operation, we created a new non-root user, added it to the docker group, and finally configured the Docker service to use this user. In this way, we successfully increased Docker's security and protected our applications and system resources.

The above is the detailed content of How to add users to docker. For more information, please follow other related articles on the PHP Chinese website!

Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
How to use docker exec to run commands in a Docker containerHow to use docker exec to run commands in a Docker containerMar 05, 2025 pm 03:42 PM

This article explains how to use the docker exec command to run commands within a running Docker container. It covers basic syntax, options (like -it for interactive use and -d for detached mode), shell access, common use cases (debugging, administr

What is docker for? What is docker for?What is docker for? What is docker for?Mar 05, 2025 pm 03:49 PM

This article explains Docker, a containerization platform simplifying application building, shipping, and running. It addresses the "it works on my machine" problem by packaging apps and dependencies into isolated containers, improving con

Is docker an environment or softwareIs docker an environment or softwareMar 05, 2025 pm 03:38 PM

This article explains Docker, contrasting it with virtual machines. Docker uses containerization, sharing the host OS kernel for lightweight, resource-efficient application isolation. Key advantages include speed, portability, ease of deployment, a

How do I deploy applications to a Docker Swarm cluster?How do I deploy applications to a Docker Swarm cluster?Mar 17, 2025 pm 04:20 PM

The article details deploying applications to Docker Swarm, covering preparation, deployment steps, and security measures during the process.

What is docker for? What is docker for?What is docker for? What is docker for?Mar 05, 2025 pm 03:46 PM

Docker simplifies application building, shipping, and running via containerization. It offers consistent development environments, faster cycles, improved collaboration, and streamlined CI/CD, resulting in portable, scalable, and resource-efficient

What is docker for? What is docker for?What is docker for? What is docker for?Mar 05, 2025 pm 03:39 PM

This article explains Docker, a containerization platform simplifying application creation, deployment, and execution. It highlights Docker's benefits: improved efficiency, consistency, resource utilization, and streamlined deployment. Various use

What are Kubernetes pods, deployments, and services?What are Kubernetes pods, deployments, and services?Mar 17, 2025 pm 04:25 PM

The article explains Kubernetes' pods, deployments, and services, detailing their roles in managing containerized applications. It discusses how these components enhance scalability, stability, and communication within applications.(159 characters)

How do I scale applications in Kubernetes?How do I scale applications in Kubernetes?Mar 17, 2025 pm 04:28 PM

The article discusses scaling applications in Kubernetes using manual scaling, HPA, VPA, and Cluster Autoscaler, and provides best practices and tools for monitoring and automating scaling.

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
4 weeks agoBy尊渡假赌尊渡假赌尊渡假赌

Hot Tools

EditPlus Chinese cracked version

EditPlus Chinese cracked version

Small size, syntax highlighting, does not support code prompt function

Dreamweaver Mac version

Dreamweaver Mac version

Visual web development tools

ZendStudio 13.5.1 Mac

ZendStudio 13.5.1 Mac

Powerful PHP integrated development environment

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

mPDF

mPDF

mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),