====== Docker - Security - Run Docker As Non-root User ======

<WRAP alert>
**ALERT:**  The problem with this is that it can potentially expose your system to root access.

Simply run the following and you can read/write to any file as root through /opt/host inside of your docker container.

<code bash>
docker run -it -v /:/opt/host debian bash
</code>

On a personal system, this isn’t too big of a problem, but in a managed user environment where you don’t want users to have root access or access to private information of other users (ssh keys for example), this can be a big issue.
</WRAP>

----


Create a group called “docker” with the following command:

<code bash>
sudo groupadd docker
</code>

Next, add your user to the docker group:

<code bash>
sudo usermod -aG docker $USER
</code>

After adding the user to the docker group, log out and log back in to take effect the changes.

----

Just in case, you already ran a few Docker commands with ‘sudo’ permission before adding your user to the Docker group, you will probably see an error something like below.

<code bash>
WARNING: Error loading config file: /home/user/.docker/config.json -
stat /home/user/.docker/config.json: permission denied
</code>

The above error message indicates that your ~/.docker/ directory was created with incorrect permissions due to the ‘sudo’ commands. To fix this problem, change this directory ownership and permissions using the following commands:

<code bash>
sudo chown "$USER":"$USER" /home/"$USER"/.docker -R

sudo chmod g+rwx "$HOME/.docker" -R
</code>

Log out and log back in for this to take effect.

If it still doesn’t fix the issue, you might need to remove your ~/.docker/ directory. It will be recreated automatically, but you will lose all custom settings, if there are any.