Package Details: docker-rootless-extras 25.0.3-1

Git Clone URL: https://aur.archlinux.org/docker-rootless-extras.git (read-only, click to copy)
Package Base: docker-rootless-extras
Description: Extras to run docker as non-root.
Upstream URL: https://docs.docker.com/engine/security/rootless/
Keywords: containers docker isolation rootless
Licenses: Apache
Conflicts: docker-rootless, docker-rootless-extras, docker-rootless-extras-bin
Provides: docker-rootless, docker-rootless-extras, docker-rootless-extras-bin
Submitter: whynothugo
Maintainer: Stebalien
Last Packager: Stebalien
Votes: 29
Popularity: 1.07
First Submitted: 2021-04-14 17:58 (UTC)
Last Updated: 2024-02-16 18:10 (UTC)

Pinned Comments

Latest Comments

« First ‹ Previous 1 2 3 4 5 6 7 8 Next › Last »

t3hmrman commented on 2021-01-21 07:12 (UTC) (edited on 2021-01-21 07:43 (UTC) by t3hmrman)

@kakawait I find that stopping the service works properly if I also stop docker.socket with the --now parameter. Stopping the service itself hangs and from another shell I stop the socket.

Possibly unrelated to that, has anyone had an issue with DOCKER_HOST remaining modified after removing docker rootless mode? In particular I find that something is still setting DOCKER_HOST to unix:///run/user/1000/docker.sock. I've removed the export from my .bashrc of course, and can't find anywhere else in the usual ENV modification locations that could be setting it. The service (both system and user level) are off as well.

[EDIT] - I fixed my issue with the ENV, it was indeed .bashrc and my issue was that I launched startx from a shell that had DOCKER_HOST set (so every shell created there-in was inheriting the variable from the initial shell, despite .bashrc being updated to remove the variable).

kakawait commented on 2021-01-03 22:45 (UTC)

Do you have any issue when stopping service with systemd? In my side is stucking even after few mins. But docker seems to be stopped because docker ps returns

Cannot connect to the Docker daemon at unix:///run/user/1000/docker.sock. Is the docker daemon running?

kob commented on 2020-12-25 18:15 (UTC)

@WhyNotHugo Sorry, I missed to find .install file.

whynothugo commented on 2020-12-25 17:55 (UTC)

I was unaware of /usr/lib/sysctl.d/. I've updated the PKGBUILD to use that location instead.

Regarding the install file, that's included with all the instructions. See https://aur.archlinux.org/cgit/aur.git/tree/docker-rootless-extras-bin.install?h=docker-rootless-extras-bin

Note that this is not visible on post-update, so maybe that's why you missed it?

kob commented on 2020-12-25 17:10 (UTC) (edited on 2020-12-25 17:11 (UTC) by kob)

This package needs to setting post install at user.
I suggest to show some message at post_install() like this.

kob commented on 2020-12-25 17:03 (UTC)

Hello. Many package was putting sysctl file under /usr/lib/sysctl.d/ dir. Please move /etc/sysctl.d/99-docker-rootless.conf to /usr/lib/sysctl.d/99-docker-rootless.conf.

whynothugo commented on 2020-12-18 18:31 (UTC)

Hi! Do you mind including this files as docker.socket too?

[Unit]
Description=Docker Socket for the API

[Socket]
ListenStream=%t/docker.sock
SocketMode=0660

[Install]
WantedBy=sockets.target

With this file, one can run systemctl --user enable --now docker.socket, and docker will auto-start on demand (like the system docker). %t expands to $XDG_RUNTIME_DIR; this follows upstream's recommended path for the socket, at matches the one on your instructions now).

kob commented on 2020-12-17 09:58 (UTC) (edited on 2020-12-17 09:59 (UTC) by kob)

post_install Setup for docker-rootless-extras

Setup on your userspace, i,e exec this command and following instruction.

  $ dockerd-rootless-setuptool.sh check
systemd Setup for docker-rootless-extras

Start rootless docker with systemd.

  $ systemctl start --user dockerd-rootless.service

To launch the daemon on system startup.

  $ systemctl enable --user dockerd-rootless.service
Exec docker command on docker-rootless-extras

Following this commands.

  $ export DOCKER_HOST=unix:///run/user/1000/docker.sock
  $ docker info

whynothugo commented on 2020-12-16 16:24 (UTC)

How about including /etc/sysctl.d/99-docker-rootless.conf as part of this package?

Given that it's a hard prerequisite, it make sense to just install it, right?

pastleo commented on 2020-08-29 11:28 (UTC)

For people who wants to use docker without adding user to docker group or sudo, which can be useful for development environment, this package might be for you

However there are some steps need to be done to get rootless docker to work after installing this package:

1. configure kernel settings

create /etc/sysctl.d/99-docker-rootless.conf: 

kernel.unprivileged_userns_clone=1

and then run: sudo sysctl --system

see https://docs.docker.com/engine/security/rootless/#distribution-specific-hint for detailed information

2. configure subuid and subgid

create /etc/subuid and /etc/subgid with: (for example, testuser is username)

testuser:231072:65536

see https://docs.docker.com/engine/security/userns-remap/#prerequisites for detailed information

3. start and enable user service: systemctl --user status|start|stop docker
4. finally set docker socket environment variable:
export DOCKER_HOST=unix://$XDG_RUNTIME_DIR/docker.sock

you can also add it to ~/.bashrc or somewhere alike

Please read https://docs.docker.com/engine/security/rootless/ for more information

« First ‹ Previous 1 2 3 4 5 6 7 8 Next › Last »