Closed lippertmarkus closed 5 years ago
Good point, I'll improve that. To understand the effect: is Docker running in Linux container mode?
Docker is running in Windows container mode (as LCOWs work simultaneously anyway). But I found out that when running the docker engine as a service - and not just the dockerd binary in the command line - then both pipes are available (but with different access controls):
PS C:\> $npipe = "\\.\pipe\docker_engine"
PS C:\> $npipe2 = "\\.\pipe\docker_engine_windows"
PS C:\> $dInfo = New-Object "System.IO.DirectoryInfo" -ArgumentList $npipe
PS C:\> $dInfo2 = New-Object "System.IO.DirectoryInfo" -ArgumentList $npipe2
PS C:\> $dInfo.GetAccessControl()
Path Owner Access
---- ----- ------
JEML\lippertmarkus NT-AUTORITÄT\SYSTEM Allow FullControl...
PS C:\> $dInfo2.GetAccessControl()
PS C:\Windows\system32> $dInfo.GetAccessControl()
Path Owner Access
---- ----- ------
VORDEFINIERT\Administratoren NT-AUTORITÄT\SYSTEM Allow FullControl...
Setting the access control only on the first one did work for me.
@lippertmarkus should be fixed now. I first try to set the ACL on docker_engine_windows to match your case and the "standard" Win 10 case. Then I also do the same for docker_engine
@tfenster Thank you, this worked for me!
Unfortunately ACLs set on \\.\pipe\docker_engine
aren't restored after a restart like the ACLs on \\.\pipe\docker_engine_windows
which is only available when using the docker service which I can't use cause it's always eating up my whole RAM after a while (seems like a memory leak) - but that's another topic specific to me and doesn't belong here.
I've got Docker version 18.06.1-ce running and the named pipe is located at
\\.\pipe\docker_engine
instead of\\.\pipe\docker_engine_windows
which leads to following error:Don't know if this has changed between the releases but I think it would be safe to check the existence of the pipe and maybe also autodetect the correct pipe path before setting the access rule. This way you could also handle errors that occur if the Docker daemon doesn't run and the pipe is therefore not present.