[Bug 1195525] New: Docker socket permissions prevent Cockpit integration

https://bugzilla.redhat.com/show_bug.cgi?id=1195525 Bug ID: 1195525 Summary: Docker socket permissions prevent Cockpit integration Product: Fedora Version: 21 Component: docker-io Severity: medium Assignee: lsm5(a)redhat.com Reporter: Benjamin(a)BGRoberts.id.au QA Contact: extras-qa(a)fedoraproject.org CC: adimania(a)gmail.com, admiller(a)redhat.com, golang(a)lists.fedoraproject.org, hushan.jia(a)gmail.com, jchaloup(a)redhat.com, jperrin(a)centos.org, lsm5(a)redhat.com, mattdm(a)redhat.com, mgoldman(a)redhat.com, miminar(a)redhat.com, s(a)shk.io, thrcka(a)redhat.com, vbatts(a)redhat.com Description of problem: The removal of docker.socket and the docker user/group mean that docker cannot be used as part of the cockpit console anymore (using non-root accounts). This is because, although users can be added to the dockerroot group, the permissions of the sockets are reset upon docker restart. Version-Release number of selected component (if applicable): docker-io-1.5.0-1.fc21.x86_64 cockpit-0.27-3.fc21.x86_64 / cockpit-head Steps to Reproduce: 1. Add user to dockerroot 2. chown docker socket to root:dockerroot 3. Call a docker command from user (succeeds from CLI and cockpit) 4. restart docker 5. Call a docker command from user (fails from CLI and cockpit) Actual results: Ownership of docker socket are reset to root:root Expected results: Ownership of docker socket should be configurable and compatible with cockpit Additional info: related to https://bugzilla.redhat.com/show_bug.cgi?id=1192848 Relevant change in the rpm spec: "* Fri Jan 16 2015 Lokesh Mandvekar <lsm5(a)fedoraproject.org&gt; - 1.4.1-7 - docker group no longer used or created - no socket activation - config file updates to include info about docker_transition_unconfined boolean" -- You are receiving this mail because: You are on the CC list for the bug.