[Buildroot] [All Systems Go!] Buildroot : Using embedded tools to build container images
Arnout Vandecappelle
arnout at mind.be
Mon Sep 23 07:17:45 UTC 2019
On 22/09/2019 20:07, François Perrad wrote:
[snip]
>> Yeah, except unfortunately docker security sucks, so on most distros you
>> need
>> sudo to run any docker command, even 'docker build'.
>>
>>
> see section "Manage Docker as a non-root user" in
> https://docs.docker.com/install/linux/linux-postinstall/
> on Ubuntu, I just run:
> $ sudo usermod -aG docker $USER
Yes, but the thing is, putting a user in the docker group is more or less the
same as giving them root access. So putting NOPASSWD in sudoers is basically
doing the same thing.
For people who can use sudo, fine, but they can just as well do sudo.
For people who can't use sudo (e.g. because the (build) machine is centrally
managed and users are not trusted), any competent sysadmin will also not allow
them to use docker.
Regards,
Arnout
More information about the buildroot
mailing list