How to run crictl command as non root user

Question

How to run crictl as non-root user.

My docker commands work with non-root user because my user is added to docker group.

id
uid=1002(kube) gid=100(users) groups=100(users),10(wheel),1001(dockerroot),1002(docker)

I am running dockerD daemon which uses containerd and runc as runtime.

I installed crictl binary and pointed it to connect to existing dockershim socket with config file as below.

cat /etc/crictl.yaml
runtime-endpoint: unix:///var/run/dockershim.sock
image-endpoint: unix:///var/run/dockershim.sock
timeout: 2
debug: false
pull-image-on-create: false

crictl works fine with sudo but without sudo it fails like this.

[user@hostname~]$ crictl ps
FATA[0002] connect: connect endpoint 'unix:///var/run/dockershim.sock', make sure you are running as root and the endpoint has been started: context deadline exceeded

I also tried to change group of dockershim.sock to 'docker' from 'root' just like docker.sock was to try, still same.

srwxr-xr-x 1 root docker 0 Jan  2 23:36 /var/run/dockershim.sock
srw-rw---- 1 root docker 0 Jan  2 23:33 /var/run/docker.sock

score 0 · Answer 1 · answered Nov 24 '22 at 15:33

0

sudo usermod -aG docker $USER

or you can see docker postinstall

answered Nov 24 '22 at 15:33

L-ios

31
3

score 0 · Answer 2 · edited Aug 11 '23 at 15:55

0

You can do the following:

Create containerd group with groupadd containerd
Change containerd.socket group, located at /var/run/containerd/containerd.socket as chgrp containerd containerd.socket
Add your user to created group usermod -aG containerd $USER

edited Aug 11 '23 at 15:55

Adrian Mole

49,934
160
51
83

answered Aug 08 '23 at 08:52

Kranksw

1
1

How to run crictl command as non root user

2 Answers2