Arch Linux User Repository

Do you have any issue when stopping service with systemd? In my side is stucking even after few mins. But docker seems to be stopped because docker ps returns

Cannot connect to the Docker daemon at unix:///run/user/1000/docker.sock. Is the docker daemon running?

@WhyNotHugo Sorry, I missed to find .install file.

I was unaware of /usr/lib/sysctl.d/. I've updated the PKGBUILD to use that location instead.

Regarding the install file, that's included with all the instructions. See https://aur.archlinux.org/cgit/aur.git/tree/docker-rootless-extras-bin.install?h=docker-rootless-extras-bin

Note that this is not visible on post-update, so maybe that's why you missed it?

This package needs to setting post install at user.
I suggest to show some message at post_install() like this.

Hello. Many package was putting sysctl file under /usr/lib/sysctl.d/ dir. Please move /etc/sysctl.d/99-docker-rootless.conf to /usr/lib/sysctl.d/99-docker-rootless.conf.

Hi! Do you mind including this files as docker.socket too?

[Unit]
Description=Docker Socket for the API

[Socket]
ListenStream=%t/docker.sock
SocketMode=0660

[Install]
WantedBy=sockets.target

With this file, one can run systemctl --user enable --now docker.socket, and docker will auto-start on demand (like the system docker). %t expands to $XDG_RUNTIME_DIR; this follows upstream's recommended path for the socket, at matches the one on your instructions now).

post_install Setup for docker-rootless-extras

Setup on your userspace, i,e exec this command and following instruction.

  $ dockerd-rootless-setuptool.sh check

systemd Setup for docker-rootless-extras

Start rootless docker with systemd.

  $ systemctl start --user dockerd-rootless.service

To launch the daemon on system startup.

  $ systemctl enable --user dockerd-rootless.service

Exec docker command on docker-rootless-extras

Following this commands.

  $ export DOCKER_HOST=unix:///run/user/1000/docker.sock
  $ docker info

How about including /etc/sysctl.d/99-docker-rootless.conf as part of this package?

Given that it's a hard prerequisite, it make sense to just install it, right?

For people who wants to use docker without adding user to docker group or sudo, which can be useful for development environment, this package might be for you

However there are some steps need to be done to get rootless docker to work after installing this package:

1. configure kernel settings

create /etc/sysctl.d/99-docker-rootless.conf:

kernel.unprivileged_userns_clone=1

and then run: sudo sysctl --system

see https://docs.docker.com/engine/security/rootless/#distribution-specific-hint for detailed information

2. configure subuid and subgid

create /etc/subuid and /etc/subgid with: (for example, testuser is username)

testuser:231072:65536

see https://docs.docker.com/engine/security/userns-remap/#prerequisites for detailed information

3. start and enable user service: systemctl --user status|start|stop docker

4. finally set docker socket environment variable:

export DOCKER_HOST=unix://$XDG_RUNTIME_DIR/docker.sock

you can also add it to ~/.bashrc or somewhere alike

Please read https://docs.docker.com/engine/security/rootless/ for more information

Any possibility of getting overlay2 storage driver for ArchLinux, as there's for Ubuntu/Debian? The vfs driver is almost unusable, it takes an horrid amount of space to construct images, I can't use it at all.