I’m trying to mount the /var/run/docker.sock socket into my container to allow docker-in-docker behaviour on Docker for Mac 17.06.0-cd-mac18 (18433), stable channel. On a mid 2014 MacBook Pro running Sierra 10.12.5.
The container runs as a non-root user (circleci:circleci). When I try and use docker inside it:
docker run -v /var/run/docker.sock:/var/run/docker.sock teviotia/circleci-docker-openjdk-node:latest docker info
I get permission errors, which is not surprising since
docker run -v /var/run/docker.sock:/var/run/docker.sock teviotia/circleci-docker-openjdk-node:latest ls -l /var/run/docker.sock
srw-rw---- 1 root staff
I tried touching the file and setting its ownership in the Dockerfile:
RUN sudo touch /var/run/docker.sock && sudo chown 3434:3434 /var/run/docker.sock
(3434 is the uid of the circleci user in the container) but this makes no difference to the ownership of the file once it is mounted. Likewise
RUN sudo touch /var/run/docker.sock && sudo chmod o+rw /var/run/docker.sock
makes no difference.
(I could of course run docker as sudo inside the container, but as you’ve probably noticed the primary use of this container is for circleci, and the scripts work fine on circleci so I’m a bit reluctant to sprinkle sudo everywhere just to solve the ownership of the docker.sock when running locally.)