Rootless Docker Project



A project to get docker to run without needing root privileges.

Currently build-docker and run-docker set up the user with passwordless sudo access.

https://docs.docker.com/engine/security/

It would be nice to get docker to run without root privileges.


Approaches:

podman

Status=fail. See https://ddci.zapto.org/scm/Deos/maintainer-tools/docker/branches/mainline/podman.txt

The main problems have been in getting qemu to work with podman.

Currently docker depends on the qemu system executables having network capabilities and on the ifup and ifdown scripts having sudo access. No podman equivalent has been identified.

Matthew Carroll has been working with DLR to set up user mode networking, but user mode networking is problematic to configure for non-trivial networking needs.

An alternative might be to establish a podman network configuration and an appropriate subnet for the qemu guest.

https://docs.podman.io/en/v4.3/markdown/podman-network-create.1.html


Rootless Docker

Status=incomplete (not much effort applied so far).

  1. Many web resources.
  2. Main issue is complexity of configuration.
  3. If multi-user is required, complexity is even higher.
    1. https://cmtops.dev/posts/rootless-docker-in-multiuser-environment/