Manage docker without sudo on Synology

Manage docker without sudo on Synology

After installing docker to Synology, you noticed that when you use SSH to manage it or use docker-compose, you always have to use the root user. Many Synology users are less familiar with Linux than day-to-day Linux desktop users. So here is a nice trick. Usually, when you install docker, it creates a docker group. And anyone who is a member of this group is free to use docker. In this post, I will walk you through the post-install docker process to configure docker correctly and allow other users to use it.

You may even have tried to fix this yourself, and when you read the official post-install documentation, you will have noticed that the commands used are missing on a Synology NAS. That’s because Synology replaced them. So let’s dive into fixing this.

We will be using terminal access for this. Please read my post on how to set up terminal access if you have not done so.

Please make sure that for these actions, we do not switch to the root user with sudo -i

Log in as an administrator in your Synology NAS with SSH and create the docker group with the following command:

sudo synogroup --add docker

Add your current user to this group; as mentioned before, you should not be root but logged in as your administrator user.

sudo synogroup --member docker $USER

The variable $USER will automatically be replaced with the current user you are logged in with

Now we need to modify the docker socket. This is the bridge between the docker daemon running in the background and the docker CLI. We need to change it to accept commands from the docker group. By default, Synology sets the permissions of the docker socket to root:root. We will change this to root:docker, which means the user owner is root and the group owner is docker.

sudo chown root:docker /var/run/docker.sock

We are done. You have to log out and log in for these changes to take effect. So that you know, you have to restart your Synology NAS in several cases to have everything take effect. You can now enjoy a life where your user can use docker and docker-compose commands without sudo.

When you want to add a user to the docker group, you only have to log in to your Synology NAS with SSH as an administrator and run the following command. Make sure you replace USERNAME with the username of the user you want to add to the docker group.

sudo synogroup --member docker USERNAME

I hope you will enjoy running your docker commands without the need for sudo. Please feel free to leave a comment or email me with any suggestions. And please subscribe for more amazing content.