tumblr / genesis

A tool for data center automation
http://tumblr.github.io/genesis/
Apache License 2.0

Add TESTING.md and Makefile #72

Closed nshalman closed 4 years ago

nshalman commented 7 years ago

Per feedback in #67 this is the beginning of a TESTING.md and the Makefile that was used to test the changes in #67.

nshalman commented 7 years ago

Not quite where things should be for a Mac (e.g. if on a Mac and Docker VM is not running it will think it needs sudo...)

nshalman commented 7 years ago

Well, it's not pretty, but I didn't want to have to resort to some sort of configure script. Based on my own testing on both a Mac and a Linux box, this should be both defensive about making sure Docker is running, and capable of using sudo only when needed.

The test-* targets are also hidden when not on Linux.

Let me know what you think.

Also, please let me squash this all down before merging.

roymarantz commented 7 years ago

Generally speaking I'm not wild about Makefile running sudo. Why not assume that the invoking user has permissions to run docker directly?

nshalman commented 7 years ago

Because mine doesn't on my Linux box. And to clarify: If my user did have that ability, my understanding is that no password would be needed to leverage that to escalate to root on the Linux box. At least with sudo there's a chance that I get prompted from time to time.

https://askubuntu.com/a/477554 https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface https://www.projectatomic.io/blog/2015/08/why-we-dont-let-non-root-users-run-docker-in-centos-fedora-or-rhel/ and https://fosterelli.co/privilege-escalation-via-docker.html
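The last comment's point, that an account able to talk to the Docker daemon directly is effectively root without a password prompt, can be audited on a host. The script below is an added example, not code from this pull request or from the genesis Makefile; the function names and the sample accounts are hypothetical and the input data is constructed.

```shell
#!/bin/sh
# Added example: list accounts that can reach the Docker daemon without sudo.
# Input files use group(5)/passwd(5) format; all sample accounts are constructed.

# Print every non-root user who belongs to the group (default: docker),
# either as a supplementary member or through their primary GID.
docker_equivalent_users() {
    group_file=$1 passwd_file=$2 group_name=${3:-docker}
    gid=$(awk -F: -v g="$group_name" '$1 == g { print $3; exit }' "$group_file")
    [ -n "$gid" ] || return 0      # group absent: nobody qualifies
    {
        # Supplementary members: comma-separated 4th field of the group entry.
        awk -F: -v g="$group_name" '$1 == g {
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
        }' "$group_file"
        # Accounts whose primary GID is the group's GID.
        awk -F: -v gid="$gid" '$4 == gid { print $1 }' "$passwd_file"
    } | grep -vxF root | sort -u
}

# Succeeds when USER is outside the group, i.e. docker has to go through sudo.
needs_sudo_for_docker() {
    user=$1 group_file=$2 passwd_file=$3
    ! docker_equivalent_users "$group_file" "$passwd_file" | grep -qxF "$user"
}

# Constructed sample data, not taken from any real host.
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT
cat > "$sample_dir/group" <<'EOF'
root:x:0:
docker:x:998:alice,root
staff:x:50:bob
EOF
cat > "$sample_dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/sh
alice:x:1000:1000::/home/alice:/bin/sh
bob:x:1001:50::/home/bob:/bin/sh
ci:x:1002:998::/home/ci:/bin/sh
EOF

echo "Accounts with root-equivalent access through the docker group:"
docker_equivalent_users "$sample_dir/group" "$sample_dir/passwd"
```

On a real host, pass `/etc/group` and `/etc/passwd`; accounts resolved through LDAP or other NSS sources are not covered by reading these files.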