Lab 002: Docker Update Permissions
Requirements
One of the Nautilus project developers need access to run docker commands on App Server 1. This user is already created on the server. Accomplish this task as per details given below:
User rose is not able to run docker commands on App Server 1 in Stratos DC, make the required changes so that this user can run docker commands without sudo.
This page preserves the original task statement and documents one standard Linux post-install approach: grant the user membership in the Docker group and validate access without sudo.
Prerequisites
- You can SSH to App Server 1 and switch to a privileged shell.
- Docker is installed and the
dockergroup already exists on the host. - The user rose already exists on the server.
Steps
Login to the app server 1 and switch to root. For the server credentials, check out the Project Nautilus documentation.
sshpass -p '***********' ssh -o StrictHostKeyChecking=no tony@172.16.238.10
sudo su -
***********
Check if docker group exists and which users are added as members.
[root@stapp01 ~]# sudo getent group docker
docker:x:995:tony
Add the user rose and verify.
[root@stapp01 ~]# sudo usermod -aG docker rose
[root@stapp01 ~]# sudo getent group docker
docker:x:995:tony,rose
Switch to user rose and check if you can run docker commands.
[root@stapp01 ~]# su - rose
[rose@stapp01 ~]$ docker --version
Docker version 19.03.15, build 99e3ed8919
[rose@stapp01 ~]$
[rose@stapp01 ~]$ docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
[rose@stapp01 ~]$
[rose@stapp01 ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
Verification
- Confirm the user is a member of the Docker group with
getent group docker. - Switch to rose and run
docker --version,docker images, ordocker ps -awithoutsudo. - If those commands succeed without a permissions error, the access change is complete.