How to know if a docker container is running in privileged mode
Question
Would like to know via bash script, if current running container was started in --privileged mode from inside the container (not from the host machine).
For now I'm stuck with passing an env var with the flag but is not an ideal solution.
2 answers
solution1
36 ACCPTED 2015-08-21 15:56:53
From the docker host
Use the docker inspect command:
docker inspect --format='{{.HostConfig.Privileged}}' <container id>
And within a bash script you could have a test:
if [[ $(docker inspect --format='{{.HostConfig.Privileged}}' <container id>) == "false" ]]; then
echo not privileged
else
echo privileged
fi
From inside the container itself
You have to try to run a command that requires the --privileged flag and see if it fails
For instance ip link add dummy0 type dummy is a command which requires the --privileged flag to be successful:
$ docker run --rm -it ubuntu ip link add dummy0 type dummy
RTNETLINK answers: Operation not permitted
while
$ docker run --rm -it --privileged ubuntu ip link add dummy0 type dummy
runs fine.
In a bash script you could do something similar to this:
ip link add dummy0 type dummy >/dev/null
if [[ $? -eq 0 ]]; then
PRIVILEGED=true
# clean the dummy0 link
ip link delete dummy0 >/dev/null
else
PRIVILEGED=false
fi
solution2
-3 2015-08-21 16:38:16
如果docker run命令有-v /var/run/docker.sock:/var/run/docker.sock容器内部,docker命令( docker ps或docker inspect或any)将可用。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.