[jira] [Comment Edited] (SUREFIRE-1840) Why sudo docker?

Fri, 27 Nov 2020 01:41:07 -0800 


    [ 
https://issues.apache.org/jira/browse/SUREFIRE-1840?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17239558#comment-17239558
 ] 

Matthew Wang edited comment on SUREFIRE-1840 at 11/27/20, 9:40 AM:
-------------------------------------------------------------------

Yes, from what I've seen, it is required.

I would expect that this is because the docker daemon generally requires root 
level privileges for most of its core functionality.

For more information (~5 years old, but still applies):

[https://unix.stackexchange.com/questions/156938/why-does-docker-need-root-privileges]

Using docker without sudo/ root level access is currently experimental.

[https://docs.docker.com/engine/security/rootless/] 

A limitation that is undeniable is that root level privileges are being given, 
which means that if that are any vulnerabilities with the docker system, there 
is the possibility of providing root access to unwanted entities, which has 
potential to incredibly harm on the system that is using docker.


was (Author: mslwang):
Yes, from what I've seen, it is required.

I would expect that this is because the docker daemon generally requires root 
level privileges for most of its core functionality.

For more information (~5 years old, but still applies):

[https://unix.stackexchange.com/questions/156938/why-does-docker-need-root-privileges]

Using docker without sudo/ root level access is currently experimental.

[https://docs.docker.com/engine/security/rootless/] 

A limitation that is undeniable is that root level privileges are being given, 
which means that if that are any vulnerabilities with the docker system, there 
is the possibility of providing root access to unwanted entities, which would 
has potential for incredible harm on the system that is using docker.

> Why sudo docker?
> ----------------
>
>                 Key: SUREFIRE-1840
>                 URL: https://issues.apache.org/jira/browse/SUREFIRE-1840
>             Project: Maven Surefire
>          Issue Type: Bug
>          Components: documentation
>            Reporter: Sebb
>            Assignee: Tibor Digana
>            Priority: Major
>              Labels: up-for-grabs
>
> The page
> https://maven.apache.org/surefire/maven-surefire-plugin/docker.html
> says
> "$ sudo docker build --no-cache -t my-image:1 -f ./Dockerfile ."
> Is sudo really needed here?
> If so, the reason should be explained and any limitations noted.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to