mviereck / x11docker

Run GUI applications and desktops in docker and podman containers. Focus on security.
MIT License

Doesn't work when docker is started manually #33

Closed 01e9 closed 6 years ago

01e9 commented 6 years ago

I have docker binaries in my home directory and I start docker like this

#!/bin/bash
sudo env PATH=/sbin:$PATH dockerd \
    --group $(id -g) \
    --config-file /home/o/docker/config.json \
    --data-root /home/o/docker/data \
    --exec-root /home/o/docker/run

Also in .bashrc I configured the PATH variable.

I do this because my root partition is small (only for the system and installed programs), but docker images require a lot of space; that's why I made it store all docker related data in my /home partition.


This command doesn't detect my running docker daemon

https://github.com/mviereck/x11docker/blob/6b46a8acf6a42031f1c74a1e29154ea5377aaa28/x11docker#L1109

It works when I replace it with

Dockerdaemon="$(pidof dockerd)"  # how docker daemon has been started

mviereck commented 6 years ago

Thanks for your feedback!

I'm a bit surprised that pgrep -xa $(ps -e -o comm | grep dockerd) does not show your dockerd process.

I cannot replace with pidof dockerd as I need the full command line with its options for some checks later.

Does ps -ax | grep /dockerd | grep -v grep show your full command line of dockerd?

01e9 commented 6 years ago

ps -ax | grep /dockerd | grep -v grep shows the bash script that I use to start the docker command

 1865 pts/0    S+     0:00 /bin/bash /home/i/soft/bin/dockerd.sh

Why the slash / before dockerd?


Without slash it outputs:

$ ps -ax | grep dockerd | grep -v grep
 1865 pts/0    S+     0:00 /bin/bash /home/i/soft/bin/dockerd.sh
 1867 pts/0    S+     0:00 sudo env PATH=/sbin:/home/i/soft/bin:/home/i/soft/docker:/sbin:/bin:/usr/sbin:/usr/bin:/snap/bin dockerd --group i --data-root /home/i/docker/lib --exec-root /home/i/docker/run --config-file /home/i/docker/daemon.json --pidfile /home/i/docker/pid
 1868 pts/0    Sl+    0:00 dockerd --group i --data-root /home/i/docker/lib --exec-root /home/i/docker/run --config-file /home/i/docker/daemon.json --pidfile /home/i/docker/pid

01e9 commented 6 years ago

Filtering by pidof dockerd

$ ps -ax | grep dockerd | grep "$(pidof dockerd) pts"
 1868 pts/0    Sl+    0:10 dockerd --group i --data-root /home/i/docker/lib --exec-root /home/i/docker/run --config-file /home/i/docker/daemon.json --pidfile /home/i/docker/pid

mviereck commented 6 years ago

Does it give a reliable result without pts? In my case I have ? instead of pts.

ps -ax | grep dockerd | grep "$(pidof dockerd)"

It seems I have to look deeper; recent docker versions do not reliably show the options dockerd is running with. I have to check /etc/docker/daemon.json, too. The options I am checking for are --selinux-enabled and --userns-remap.
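A way to find the daemon and its full argv without parsing ps output at all, as an added example that is not x11docker's own code: it approximates pidof by scanning /proc for processes whose comm is exactly dockerd (so a dockerd.sh wrapper or the "sudo env ... dockerd" parent is skipped), then reads /proc/<pid>/cmdline, which does not depend on the TTY column being "pts/0" or "?". PROC_ROOT is an assumed override so the functions can be exercised against a constructed /proc-like tree.

```bash
#!/bin/bash
# Locate a running dockerd by PID and read its argv from /proc/<pid>/cmdline.
# PROC_ROOT is an assumed override (default /proc) used only for testing.
PROC_ROOT="${PROC_ROOT:-/proc}"

# Print the PIDs whose process name (comm) is exactly "dockerd".
# Wrapper scripts (comm "bash") and the sudo/env parent (comm "sudo")
# are excluded even though "dockerd" appears in their command lines.
find_dockerd_pids() {
    local dir pid comm
    for dir in "$PROC_ROOT"/[0-9]*; do
        [ -r "$dir/comm" ] || continue
        pid="${dir##*/}"
        read -r comm < "$dir/comm"
        [ "$comm" = "dockerd" ] && echo "$pid"
    done
    return 0
}

# Print the argv of a PID one argument per line (cmdline is NUL separated).
proc_argv() {
    tr '\000' '\n' < "$PROC_ROOT/$1/cmdline"
}

# Exit 0 if some running dockerd was started with the given option,
# accepting both "--opt value" and "--opt=value"; exit 1 otherwise.
dockerd_has_option() {
    local opt="$1" pid
    for pid in $(find_dockerd_pids); do
        proc_argv "$pid" | grep -qx -e "$opt" -e "$opt=.*" && return 0
    done
    return 1
}
```

Options set only in daemon.json never appear in argv, so a flag missing here does not prove the feature is off; that is the gap the thread goes on to discuss.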

01e9 commented 6 years ago

Sure, it shows the same result. I added that prefix to make sure I get the process id match. For a bit more safety you can add a space at the end:

ps -ax | grep dockerd | grep "$(pidof dockerd) "

01e9 commented 6 years ago

I just found out I can customize docker options in config.json

{
    "group": "o",
    "data-root": "/home/o/docker/lib",
    "exec-root": "/home/o/docker/run"
}

and start it with

sudo env PATH=/sbin:$PATH dockerd --config-file /home/o/docker/config.json

Also, I can install docker system-wide and add that json to /etc/docker/daemon.json (docs).

mviereck commented 6 years ago

Thanks! I could not check a custom config file, and I found I cannot read /etc/docker/daemon.json without root permissions.

Now I am removing the checks for --selinux-enabled and --userns-remap and always set the corresponding docker run options instead of checking whether they are needed.

In particular, I have to set --security-opt label=type:container_runtime_t on systems with SELinux. Previously I checked whether it was needed; now I set it by default. Lucky me, it seems not to harm startup on systems without SELinux.

mviereck commented 6 years ago

I've just uploaded an update that now only checks for running dockerd with pidof dockerd. All checks for dockerd options are dropped now.

I've tested on systems with and without SELinux, no issues so far.

Sorry that your ps checks are not included now :-). Thanks for pointing this out; this way I stumbled over a major issue!