Skip to content
This repository was archived by the owner on Nov 30, 2023. It is now read-only.

Commit 2ab8f8e

Browse files
ChuxelChuxel
authored
1 parent 431e666 commit 2ab8f8e

File tree

1 file changed

+11
-11
lines changed

1 file changed

+11
-11
lines changed

script-library/docker-debian.sh

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -188,7 +188,7 @@ else
188188
TARGET_COMPOSE_ARCH="x86_64"
189189
fi
190190
if [ "${TARGET_COMPOSE_ARCH}" != "x86_64" ]; then
191-
# Use pip to get a version that runs on this architecture
191+
# Use pip to get a version that runns on this architecture
192192
if ! dpkg -s python3-minimal python3-pip libffi-dev python3-venv > /dev/null 2>&1; then
193193
apt_get_update_if_needed
194194
apt-get -y install python3-minimal python3-pip libffi-dev python3-venv
@@ -232,6 +232,13 @@ if [ "${ENABLE_NONROOT_DOCKER}" = "false" ] || [ "${USERNAME}" = "root" ]; then
232232
exit 0
233233
fi
234234

235+
# Setup a docker group in the event the docker socket's group is not root
236+
if ! grep -qE '^docker:' /etc/group; then
237+
groupadd --system docker
238+
fi
239+
usermod -aG docker "${USERNAME}"
240+
DOCKER_GID="$(grep -oP '^docker:x:\K[^:]+' /etc/group)"
241+
235242
# If enabling non-root access and specified user is found, setup socat and add script
236243
chown -h "${USERNAME}":root "${TARGET_SOCKET}"
237244
if ! dpkg -s socat > /dev/null 2>&1; then
@@ -271,20 +278,13 @@ log()
271278
echo -e "\n** \$(date) **" | sudoIf tee -a \${SOCAT_LOG} > /dev/null
272279
log "Ensuring ${USERNAME} has access to ${SOURCE_SOCKET} via ${TARGET_SOCKET}"
273280
274-
# If enabled, try to add a docker group with the right GID. If the group is root,
281+
# If enabled, try to update the docker group with the right GID. If the group is root,
275282
# fall back on using socat to forward the docker socket to another unix socket so
276283
# that we can set permissions on it without affecting the host.
277284
if [ "${ENABLE_NONROOT_DOCKER}" = "true" ] && [ "${SOURCE_SOCKET}" != "${TARGET_SOCKET}" ] && [ "${USERNAME}" != "root" ] && [ "${USERNAME}" != "0" ]; then
278285
SOCKET_GID=\$(stat -c '%g' ${SOURCE_SOCKET})
279-
if [ "\${SOCKET_GID}" != "0" ]; then
280-
log "Adding user to group with GID \${SOCKET_GID}."
281-
if [ "\$(cat /etc/group | grep :\${SOCKET_GID}:)" = "" ]; then
282-
sudoIf groupadd --gid \${SOCKET_GID} docker-host
283-
fi
284-
# Add user to group if not already in it
285-
if [ "\$(id ${USERNAME} | grep -E "groups.*(=|,)\${SOCKET_GID}\(")" = "" ]; then
286-
sudoIf usermod -aG \${SOCKET_GID} ${USERNAME}
287-
fi
286+
if [ "\${SOCKET_GID}" != "0" ] && [ "\${SOCKET_GID}" != "${DOCKER_GID}" ]; then
287+
sudoIf groupmod --gid "\${SOCKET_GID}" "${USERNAME}"
288288
else
289289
# Enable proxy if not already running
290290
if [ ! -f "\${SOCAT_PID}" ] || ! ps -p \$(cat \${SOCAT_PID}) > /dev/null; then

0 commit comments

Comments
 (0)