Basically, I’d like for our users to be able to run docker without using sudo, but I’m having some trouble. I’d like to use an LDAP group (or netgroup). If I create a local “docker” group and restart the daemon, the /var/run/docker.sock file is owned by root:docker as I expect. However, if I use an LDAP group, the daemon doesn’t recognize the group and the docker.sock file stays as root:root.
I’m running Oracle Linux, 3.8.13-118.14.1.el6uek.x86_64
root@rhvm100:/etc/sysconfig> grep ^group /etc/nsswitch.conf
group: files ldap
root@rhvm100:/etc/sysconfig> groups rhelfand
rhelfand : users docker
root@rhvm100:/etc/sysconfig> /etc/init.d/docker start
Starting docker: [ OK ]
root@rhvm100:/etc/sysconfig> ls -la /var/run/docker.sock
srw-rw---- 1 root root 0 Mar 21 08:37 /var/run/docker.sock
I know I could chgrp the sock file after it starts up, or create a local group, or use sudo. Just looking to see if anyone has gotten this working successfully.