Description
Steps to reproduce the issue:
- sudo mkdir -p /etc/docker/certs.d/quay.io && sudo touch /etc/docker/certs.d/quay.io/{client.cert,client.key,ca.crt} && sudo chmod 700 /etc/docker/certs.d/quay.io
- ./dockerd-rootless.sh --experimental
- docker -H unix:///run/user//docker.sock pull quay.io/benyoo/gitlab
Describe the results you received:
docker -H unix:///run/user/1000/docker.sock pull quay.io/benyoo/gitlab
Using default tag: latest
Error response from daemon: open /etc/docker/certs.d/quay.io: permission denied
Describe the results you expected:
If the rootless daemon cannot read /etc/docker/certs.d, it should ignore the directory.
Additional information you deem important (e.g. issue happens only occasionally):
Output of docker version:
Client: Docker Engine - Community
Version: 19.03.4
API version: 1.40
Go version: go1.12.10
Git commit: 9013bf583a
Built: Fri Oct 18 15:52:22 2019
OS/Arch: linux/amd64
Experimental: false
Server:
Engine:
Version: dev
API version: 1.41 (minimum version 1.12)
Go version: go1.13.3
Git commit: 649e4c8
Built: Mon Nov 11 12:42:03 2019
OS/Arch: linux/amd64
Experimental: true
containerd:
Version: v1.3.0
GitCommit: 36cf5b690dcc00ff0f34ff7799209050c3d0c59a
runc:
Version: 1.0.0-rc8+dev
GitCommit: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
docker-init:
Version: 0.18.0
GitCommit: fec3683
Output of docker info:
Client:
Debug Mode: false
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 1
Server Version: dev
Storage Driver: vfs
Logging Driver: json-file
Cgroup Driver: none
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 36cf5b690dcc00ff0f34ff7799209050c3d0c59a
runc version: 3e425f80a8c931f88e6d94a8c831b9d5aa481657
init version: fec3683
Security Options:
seccomp
Profile: default
rootless
Kernel Version: 3.10.0-1062.4.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.699GiB
Name: localhost.localdomain
ID: ZGPZ:WCD7:AL65:BPHK:FEDC:XROH:BTT2:GS6N:V4ZJ:2W5Y:ZS7A:RPMY
Docker Root Dir: /home/brian/.local/share/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: true
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Additional environment details (AWS, VirtualBox, physical, etc.):
N/A
Description
Steps to reproduce the issue:
Describe the results you received:
Describe the results you expected:
If the rootless daemon cannot read /etc/docker/certs.d, it should ignore the directory.
Additional information you deem important (e.g. issue happens only occasionally):
Output of
docker version:Output of
docker info:Additional environment details (AWS, VirtualBox, physical, etc.):
N/A