cockpit-doc 164-1 / usr / share / doc / cockpit / guide / feature-docker.html

This file is indexed.

/usr/share/doc/cockpit/guide/feature-docker.html is in cockpit-doc 164-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>Docker</title>
<meta name="generator" content="DocBook XSL Stylesheets V1.79.1">
<link rel="home" href="index.html" title="Cockpit Guide">
<link rel="up" href="features.html" title="Part II. Feature Internals">
<link rel="prev" href="feature-journal.html" title="Journal">
<link rel="next" href="feature-networkmanager.html" title="NetworkManager">
<link rel="stylesheet" href="style.css" type="text/css">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2"><tr valign="middle">
<td><a accesskey="p" href="feature-journal.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
<td><a accesskey="u" href="features.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
<td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
<th width="100%" align="center">Cockpit Guide</th>
<td><a accesskey="n" href="feature-networkmanager.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
</tr></table>
<div class="chapter">
<div class="titlepage"><div><div><h2 class="title">
<a name="feature-docker"></a>Docker</h2></div></div></div>
<p>Cockpit can manage containers via <a class="ulink" href="https://www.docker.com/" target="_top">Docker</a>.
    This functionality is present in the Cockpit <span class="emphasis"><em>docker</em></span> package.</p>
<p>Cockpit communicates with the Docker daemon via its API via the
    <code class="filename">/var/run/docker.sock</code> unix socket. The Docker API
    is root equivalent, and on a properly configured system, only <code class="code">root</code>
    can access the Docker API. If the currently logged in user is not <code class="code">root</code>
    then Cockpit will try to
    <a class="link" href="privileges.html" title="Privileges and Permissions">escalate the user's privileges</a> via Polkit
    or sudo before connecting to the socket.</p>
<p>Alternatively one may
    <a class="ulink" href="https://docs.docker.com/engine/installation/linux/rhel/#/create-a-docker-group" target="_top">create a <code class="code">docker</code> unix group</a>. Anyone in that <code class="code">docker</code> group can then access
    the Docker API, and gain root privileges on the system. This
    <a class="ulink" href="https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface" target="_top">impacts system security</a>
    and is not recommended for general usage.</p>
<p>Similar container functionality is available on the command line via the
    <code class="filename">docker</code> tool:</p>
<pre class="programlisting">
$ <span class="command"><strong>sudo docker run -ti fedora /bin/bash</strong></span>
[root@57625bc8787e /]#
</pre>
</div>
<div class="footer"><hr></div>
</body>
</html>

APT Browse - Built by Thomas Orozco.