Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Using a non-root user who is NOT member of the docker group I get a panic using docker info --format '{{.Swarm.LocalNodeState}}' #2910

Open
friesje306 opened this issue Jan 5, 2021 · 0 comments
Open

Using a non-root user who is NOT member of the docker group I get a panic using docker info --format '{{.Swarm.LocalNodeState}}' #2910

friesje306 opened this issue Jan 5, 2021 · 0 comments
Labels
help wanted kind/bug

Comments

@friesje306
Copy link

friesje306 commented Jan 5, 2021
edited by thaJeztah
Loading

Description

Installation of docker version 19.03.04 on flatcar. Using a non-root user who is NOT member of the docker group I get a panic using docker info --format '{{.Swarm.LocalNodeState}}'. Running docker info gives the normal error.

Steps to reproduce the issue:

  1. Create a new user without docker group permissions
  2. Run docker info --format '{{.Swarm.LocalNodeState}}'

Describe the results you received:

$ docker info --format '{{.Swarm.LocalNodeState}}'
panic: reflect: indirection through nil pointer to embedded struct [recovered]
        panic: reflect: indirection through nil pointer to embedded struct
 
goroutine 1 [running]:
text/template.errRecover(0xc0003b9340)
        /usr/lib/go1.15/src/text/template/exec.go:169 +0x19e
panic(0x55f8c909a8e0, 0x55f8c93a94f0)
        /usr/lib/go1.15/src/runtime/panic.go:969 +0x1b9
reflect.Value.FieldByIndex(0x55f8c9248dc0, 0xc00011c9c0, 0x99, 0xc00036c480, 0x2, 0x2, 0x0, 0x55f8c9449a80, 0x55f8c9311e60)
        /usr/lib/go1.15/src/reflect/value.go:889 +0x350
text/template.(*state).evalField(0xc0003b92b0, 0x55f8c9248dc0, 0xc00011c9c0, 0x99, 0xc000521741, 0x5, 0x55f8c9431400, 0xc0002475c0, 0x0, 0x0, ...)
        /usr/lib/go1.15/src/text/template/exec.go:612 +0x48d
text/template.(*state).evalFieldChain(0xc0003b92b0, 0x55f8c9248dc0, 0xc00011c9c0, 0x99, 0x55f8c9248dc0, 0xc00011c9c0, 0x99, 0x55f8c9431400, 0xc0002475c0, 0xc00000e5e0, ...)
        /usr/lib/go1.15/src/text/template/exec.go:562 +0x110
text/template.(*state).evalFieldNode(0xc0003b92b0, 0x55f8c9248dc0, 0xc00011c9c0, 0x99, 0xc0002475c0, 0xc00039f1d0, 0x1, 0x1, 0x55f8c9136280, 0x55f8ca0fb338, ...)
        /usr/lib/go1.15/src/text/template/exec.go:529 +0x115
text/template.(*state).evalCommand(0xc0003b92b0, 0x55f8c9248dc0, 0xc00011c9c0, 0x99, 0xc000247560, 0x55f8c9136280, 0x55f8ca0fb338, 0x99, 0x7f4d64769e98, 0xc000255110, ...)
        /usr/lib/go1.15/src/text/template/exec.go:457 +0x8f0
text/template.(*state).evalPipeline(0xc0003b92b0, 0x55f8c9248dc0, 0xc00011c9c0, 0x99, 0xc0000a1140, 0x0, 0xc0003b9200, 0x55f8c779aff0)
        /usr/lib/go1.15/src/text/template/exec.go:431 +0x125
text/template.(*state).walk(0xc0003b92b0, 0x55f8c9248dc0, 0xc00011c9c0, 0x99, 0x55f8c94311c0, 0xc0002475f0)
        /usr/lib/go1.15/src/text/template/exec.go:255 +0x335
text/template.(*state).walk(0xc0003b92b0, 0x55f8c9248dc0, 0xc00011c9c0, 0x99, 0x55f8c9431520, 0xc000247530)
        /usr/lib/go1.15/src/text/template/exec.go:263 +0x11e
text/template.(*Template).execute(0xc00011c900, 0x55f8c93cbe20, 0xc0003becc0, 0x55f8c9248dc0, 0xc00011c9c0, 0x0, 0x0)
        /usr/lib/go1.15/src/text/template/exec.go:220 +0x1c6
text/template.(*Template).Execute(...)
        /usr/lib/go1.15/src/text/template/exec.go:203
github.com/docker/cli/cli/command/system.formatInfo(0x55f8c9445f00, 0xc00049c1c0, 0x0, 0xc00039f170, 0x1, 0x1, 0xc00011c8c0, 0x0, 0x0, 0x0, ...)
        /build/amd64-usr/var/tmp/portage/app-emulation/docker-19.03.14/work/docker-19.03.14/src/github.com/docker/cli/cli/command/system/info.go:478 +0x1fd
github.com/docker/cli/cli/command/system.runInfo(0xc000168c80, 0x55f8c9445f00, 0xc00049c1c0, 0xc00039eb20, 0x0, 0x0)
        /build/amd64-usr/var/tmp/portage/app-emulation/docker-19.03.14/work/docker-19.03.14/src/github.com/docker/cli/cli/command/system/info.go:85 +0x35d
github.com/docker/cli/cli/command/system.NewInfoCommand.func1(0xc000168c80, 0xc00000e240, 0x0, 0x2, 0x0, 0x0)
        /build/amd64-usr/var/tmp/portage/app-emulation/docker-19.03.14/work/docker-19.03.14/src/github.com/docker/cli/cli/command/system/info.go:52 +0x48
github.com/docker/cli/vendor/github.com/spf13/cobra.(*Command).execute(0xc000168c80, 0xc000246880, 0x2, 0x2, 0xc000168c80, 0xc000246880)
        /build/amd64-usr/var/tmp/portage/app-emulation/docker-19.03.14/work/docker-19.03.14/src/github.com/docker/cli/vendor/github.com/spf13/cobra/command.go:762 +0x47c
github.com/docker/cli/vendor/github.com/spf13/cobra.(*Command).ExecuteC(0xc00042c500, 0xc000246870, 0x3, 0x3)
        /build/amd64-usr/var/tmp/portage/app-emulation/docker-19.03.14/work/docker-19.03.14/src/github.com/docker/cli/vendor/github.com/spf13/cobra/command.go:852 +0x308
github.com/docker/cli/vendor/github.com/spf13/cobra.(*Command).Execute(...)
        /build/amd64-usr/var/tmp/portage/app-emulation/docker-19.03.14/work/docker-19.03.14/src/github.com/docker/cli/vendor/github.com/spf13/cobra/command.go:800
main.runDocker(0xc00049c1c0, 0x55f8c93ce340, 0xc000010020)
        /build/amd64-usr/var/tmp/portage/app-emulation/docker-19.03.14/work/docker-19.03.14/src/github.com/docker/cli/cmd/docker/docker.go:281 +0x1de
main.main()
        /build/amd64-usr/var/tmp/portage/app-emulation/docker-19.03.14/work/docker-19.03.14/src/github.com/docker/cli/cmd/docker/docker.go:292 +0xf3

Describe the results you expected:

Client:
Debug Mode: false
 
Server:
ERROR: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.40/info": dial unix /var/run/docker.sock: connect: permission denied
errors pretty printing info

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:

Client:
 Version:           19.03.14
 API version:       1.40
 Go version:        go1.15.5
 Git commit:        f8db474
 Built:             Tue Dec  1 19:10:28 2020
 OS/Arch:           linux/amd64
 Experimental:      false

Server:
 Engine:
  Version:          19.03.14
  API version:      1.40 (minimum version 1.12)
  Go version:       go1.15.5
  Git commit:       f8db474
  Built:            Tue Dec  1 19:10:28 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.3
  GitCommit:        6806845b4f638417933f68721e289c9aeda456b1
 runc:
  Version:          1.0.0-rc92+dev.docker-19.03
  GitCommit:        3d68c79de7184b0eba97946d4f478736f46bf207
 docker-init:
  Version:          0.18.0fec3683b971d9c3ef73f284f176672c44b448662
  GitCommit:

Output of docker info:

Client:
 Debug Mode: false

Server:
 Containers: 8
  Running: 6
  Paused: 0
  Stopped: 2
 Images: 22
 Server Version: 19.03.14
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: active
  NodeID: wo1595lddpc50p4oxu9yi06nu
  Is Manager: true
  ClusterID: kvhk1s5tyzq5gqtogqojimq5x
  Managers: 3
  Nodes: 3
  Default Address Pool: 10.0.0.0/8
  SubnetSize: 24
  Data Path Port: 4789
  Orchestration:
   Task History Retention Limit: 5
  Raft:
   Snapshot Interval: 10000
   Number of Old Snapshots to Retain: 0
   Heartbeat Tick: 1
   Election Tick: 10
  Dispatcher:
   Heartbeat Period: 5 seconds
  CA Configuration:
   Expiry Duration: 3 months
   Force Rotate: 0
  Autolock Managers: false
  Root Rotation In Progress: false
  Node Address: 10.23.125.42
  Manager Addresses:
   10.23.125.42:2377
   10.23.125.43:2377
   10.23.125.44:2377
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 6806845b4f638417933f68721e289c9aeda456b1
 runc version: 3d68c79de7184b0eba97946d4f478736f46bf207
 init version:
 Security Options:
  seccomp
   Profile: default
  selinux
 Kernel Version: 5.4.83-flatcar
 Operating System: Flatcar Container Linux by Kinvolk 2605.10.0 (Oklo)
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 15.61GiB
 Name: sldclr1182
 ID: PZHZ:GRXH:U7U6:FLMC:HZQ5:WHW2:ZE5G:PXBR:VWCU:TX7P:UP5J:UEYN
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http://dcproxy.kpn.org:80
 No Proxy: 10.23.125.43,10.23.125.44,specials-registry.kpn.org,m2612.mgt.gen.local,m1612.mgt.gen.local,slnc6r1003.mgt.gen.local,slnc6r1004.mgt.gen.local
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Additional environment details (AWS, VirtualBox, physical, etc.):
Vmware, Linux XXXXXXXXX 5.4.83-flatcar #1 SMP Tue Dec 15 18:31:34 -00 2020 x86_64 Intel(R) Xeon(R) Platinum 8160 CPU @ 2.10GHz GenuineIntel GNU/Linux
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted kind/bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@thaJeztah @friesje306