Score:1

Server

How do I run sudo commands with a system user?

Roger

7/5/23, 8:21 PM

I want to run a minecraft server in Docker, so I started following this guide. In the guide, it is advised to create a system user with a home directory (/opt/minecraft), but without a password (you should not be able to "login" with this user) to run the server on. It uses the following command: sudo useradd -r -m -U -d /opt/minecraft -s /bin/bash minecraft.

I switched to the newly created minecraft "system user" --> sudo su - minecraft.

The problem
So, I want to use docker or docker-compose, and this is where the problem arises:

When I try to run docker-compose using sudo, it asks me for a password (which, obviously, this user does not have).
When I try it without sudo, I get cannot create user data directory: /opt/minecraft/snap/docker/1458: Permission denied.

I'm not really sure what to do here. I can't run docker. I guess I don't want to remove the password from the user (would be a security risk), and I don't want to add a password for the user (then you can login via ssh or something). Am I approaching this the wrong way?

0 + 0

linux

ubuntu

sudo

system-user

Nasir Riley

7/5/23, 8:38 PM

One has to have sudoer rights in order to use the docker commands. Either `sudo docker` or open a root shell and the run the command(s).

Roger

7/6/23, 7:14 AM

Well, this is exactly my problem. See bullet 1 - "When I try to run docker-compose **using sudo**, it asks me for a password (which, obviously, this user does not have)". This user has to be able to run the commands, otherwise the whole point of this user is moot.

Nasir Riley

7/6/23, 2:58 PM

I forgot to mention that it's possible to add a Docker group and do it that way. I haven't used Docker in quite a while.

Score:1

Server

madacoda

7/6/23, 7:20 AM

Look into adding a privileged docker group https://docs.docker.com/engine/install/linux-postinstall/

This will allow you to run docker commands without requiring root or sudo

0 + 0

Roger

7/6/23, 9:31 AM

Good idea. I did this, so now my ``minecraft`` user is in the ``docker`` group. However, I get the exact same error (```cannot create user data directory: /opt/minecraft/snap/docker/1458: Permission denied```). I also removed the docker directory as well as log out/log in and tried again. Same error. It creates ``snap/docker/1458 + common + current`` and returns the above message. Did I miss something? I might add, that everything under my ``minecraft`` users' ``/`` is owned by the ``minecraft`` user.

Roger

7/6/23, 9:44 AM

Maybe it's because I'm using ``snap``?

Roger

7/6/23, 10:13 AM

It WAS because I was using ``snap``! Apparently [``snap`` does not allow running anything that is not under the ``home`` directory](https://askubuntu.com/questions/930437/permission-denied-error-when-running-apps-installed-as-snap-packages-ubuntu-17). I uninstalled the ``snap`` ``docker`` version and installed it from ``apt`` instead, and now it works (with addition to @madacoda's answer, by using the ``docker`` group).

Score:0

Server

Roger

7/6/23, 10:15 AM

This is because I was using snap.

Apparently snap does not allow running anything that is not under the home directory. I uninstalled the snap docker version and installed it from apt instead, and now it works (with addition to @madacoda's answer, by using the docker group).

0 + 0

madacoda

7/7/23, 1:27 AM

Sure would be nice to mark my answer if it solved part of your issue

Roger

7/15/23, 10:55 AM

In this case your answer did not solve my issue (snap was blocking usage of non-home directories). In fact, it did not even solve part of my issue, but a separate issue (running docker commands without requiring sudo/root). Hence it makes no sense marking your answer as solved. This way, the next person who gets this error message can directly go to the correct solution, instead of being confused by a solution that does not solve the actual problem. I did upvote your answer, though, as it was helpful, and just so you know, I very much appreciate your help and I thank you for it!