How to run 'sudo chmod 666 /var/run/docker.sock' on Ubuntu, before the services start [closed]

docker ubuntu-16.04

I have an Ubuntu Server 16.04, with a service that needs this permission

$ sudo chmod 666 /var/run/docker.sock

Right now, every time the server is rebooted, it's necessary to open a ssh console, run that task and start the service manually.

I need to run that command before the services being started. What would be the most secure way to do it?

EDIT: The service's account already is member of the docker group.


Solution 1:

To directly answer your question, just add the following content to a file called /etc/init/docker-chmod.conf to get your permissions set during boot.

start on startup
task
exec chmod 666 /var/run/docker.sock

But you should consider adding your, or a system user, to the docker-unix group to avoid workarounds like this which could be a big potential security threat.

The result of your chmod practically gives all local users read and write permissions to the docker-socket which allows anyone to interfere with your docker images.

Related

NTFS Compression with Deduplication?
samba nmbd: query_name_response: Multiple (2) responses received
Introspection of initramfs systemd services - How?
zfs - hotspare, replace, detach: ressource is busy
Windows Server 2012 member server reports - there is a time or date difference between your computer and the remote computer
How can I decrypt STARTTLS communication over SMTP in a packet capture (if I have the private key)?
How to restrict access to Gitlab by LDAP group (with LDAP search filter)?
Is it permissible for an intermediate proxy to add cookies during proxy authentication?
What is the difference between base URL and mirrorlist in Yum?
How can you link nodes in a redis cluster via hostname instead of ip?
iptables-restore sometimes fails on reboot
How to kill Windows service process stuck at starting?