engine/security/rootless: split to multiple pages ; remove outdated/duplicated info #23302
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
area/engine
Contributor
Author
|
cc @thaJeztah |
✅ Deploy Preview for docsdocker ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
This commit only splits the page. The content will be updated in subsequent commits. Signed-off-by: Akihiro Suda <[email protected]>
AkihiroSuda
force-pushed
the
rootless
branch
2 times, most recently
from
4116d2d to
75284be
Compare
Setup: - `dockerd-rootless-setuptool.sh` has been improved to show help when the prerequisites are not satisfied. Users no longer need to read the **lengthy** "prerequisites" documentation unless they encounter issues. - The document had duplicated descriptions about dbus, uidmap, and machinectl stuffs in several places. Graph drivers: - Rootless OverlayFS has been merged into the upstream since kernel 5.11: torvalds/linux@459c7c5 . Ubuntu no longer patches the kernel. - FUSE-OverlayFS is typically no longer needed on the current supported distros, except EL 8. SELinux: - Remove a workaround for an issue that was already fixed in Docker Engine v20.10.8. CLI: - `docker context use rootless` no longer needs to be executed manually, since Docker v23. (moby/moby PR 43061) Signed-off-by: Akihiro Suda <[email protected]>
```
Warning: [vale] reported by reviewdog 🐶
[Docker.Avoid] Consider removing 'very'.
Raw Output:
{"message": "[Docker.Avoid] Consider removing 'very'.", "location": {"path": "content/manuals/engine/security/rootless/_index.md", "range": {"start": {"line": 18, "column": 9}}}, "severity": "WARNING"}
reviewdog: found at least one issue with severity greater than or equal to the given level: warning
Error: [vale] reported by reviewdog 🐶
[Vale.Terms] Use 'cgroup' instead of 'Cgroup'.
Raw Output:
{"message": "[Vale.Terms] Use 'cgroup' instead of 'Cgroup'.", "location": {"path": "content/manuals/engine/security/rootless/troubleshoot.md", "range": {"start": {"line": 73, "column": 3}}}, "severity": "ERROR"}
```
Signed-off-by: Akihiro Suda <[email protected]>
Contributor
Author
|
@thaJeztah Could you take a look? 🙏 |
vvoland
approved these changes
Sep 5, 2025
Contributor
vvoland
left a comment
vvoland
left a comment
There was a problem hiding this comment.
Thanks, LGTM! Spotted one typo though
Contributor
|
@aevesdocker PTAL |
Co-authored-by: Paweł Gronowski <[email protected]>
aevesdocker
reviewed
Sep 8, 2025
aevesdocker
approved these changes
Sep 8, 2025
Contributor
aevesdocker
left a comment
aevesdocker
left a comment
There was a problem hiding this comment.
Great improvements, thank you @AkihiroSuda
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
https://docs.docker.com/engine/security/rootless/ was too lengthy and giving a false sense that Rootless mode was quite clunky and hard to use, although actually it can be just set up in a single command:
Description
Commit 1:
engine/security/rootless: split to multiple pagesThis commit only splits the page.
The content will be updated in subsequent commits.
Commit 2:
engine/security/rootless: remove outdated/duplicated infoSetup:
dockerd-rootless-setuptool.shhas been improved to show help when the prerequisites are not satisfied.Users no longer need to read the lengthy "prerequisites" documentation unless they encounter issues.
The document had duplicated descriptions about dbus, uidmap, and machinectl stuffs in several places.
Graph drivers:
Rootless OverlayFS has been merged into the upstream since kernel 5.11:
torvalds/linux@459c7c5 .
Ubuntu no longer patches the kernel.
FUSE-OverlayFS is typically no longer needed on the current supported distros,
except EL 8.
SELinux:
CLI:
docker context use rootlessno longer needs to be executed manually,since Docker v23. (docker-rootless-setuptools.sh: use context after install moby/moby#43061)
Related issues or tickets
Reviews
Preview
https://deploy-preview-23302--docsdocker.netlify.app/engine/security/rootless/