How to allow standard, non-admin, Active Directory users access to Docker without making them sudoers?

root docker permissions groups active-directory

I have a compute server with users that authenticate over AD.

I want these users to be able to use Docker without making them sudoers.

The official advice is to add users to the docker group, as "[w]hen the docker daemon starts, it makes the ownership of the Unix socket read/writable by the docker group." So users belonging to the group docker won't need to run commands with sudo.

I can't add an AD user to a local group though.

How can I let them use Docker CE as non-root without creating local accounts?


add your user to docker group explicitly in /etc/group and specify the group in /etc/docker/daemon.json

/etc/group

docker:x:groupID:user

/etc/docker/daemon.json

{
  "live-restore": true,
  "group": "docker"
}

restart docker daemon


Hi There to complement what Louis said on Ubuntu I ran: visudo and added the

Dockeruser ALL = NOPASSWD: /usr/bin/docker

This way the user Dockeruser can run docker with sudo without even having to reenter the password:

Dockeruser@dockerserver:~# sudo docker ps

Related

cannot export const arrow function
dpkg-reconfigure: dialog frontend sets up postfix successfully; non-interactive frontend fails
how to benchmark dbms (sql and nosql) on s390x architecture (IBM mainframes basically)
MSA70 Upgrade options
On a 64-bit machine is the size of an int in Java 32 bits or 64 bits?
Office365 SMTP requires TLS 1.0
Unsigned short in Java
Port forwarding to local port return ERR_CONNECTION_REFUSED with aws ec2
What are the practical limitations of a non-turing complete language like Coq?
Lisp commenting convention
java.lang.RuntimeException: Failure delivering result ResultInfo{who=null, request=1888, result=0, data=null} to activity
How to open a link in a default user browser in Qt?