Here are the instructions: https://docs.docker.com/install/linux/linux-postinstall
I don't know if there could be any security implications, but it would be great to run docker-compose without sudo, for a more polished and smooth workflow.
This is essentially the same mechanism to run Wireshark without sudo.
You can already follow the instructions. You need sudo because your user is not part of docker group. The only things that we can do is to add user automatically to docker group.
I don't think this should be done as the default, the security implications seemed pretty severe.
Yup. I think if people use docker, they can add their user to docker group on their own.
Wireshark doesn't just require to set a user into a group, it also require to use setcap which is not something very common.
But I agree that for some packages a user can be added in a group or a service can be started or some packages are stateless and the user just don't know (where) they can find/set their own configuration file, etc. This is imho a point of improvement to make Solus an operating system for everyone.
This is my opinion as well. Yesterday I was too lazy to elaborate, but that's what I meant.
I wouldn't add all users by default because this would allow them to do some stuff that normales requires root permissions (e.g. open ports < 1024). And this is literally the first result for googling docker without sudo.
Fine, then this needs a follow-up Help Center doc on how to configure docker after install.
From my own perspective docker is an administrative tool, thus our documentation should explain the user needs to add themselves to the docker group
to bypass sudo requirement. This is typical of most distributions and I wouldn't want to change that.
As for setcap this is something that should be implemented at the package manager level by way of xattrs. (See also: ping should not be setuid)
@livingsilver94 Go for it. I don't really think it's especially necessary given Docker has official documentation on the matter, but seeing as we already have user modification stuff for Wireshark's documentation then we may as well have a Docker one too. It'll help if folks are running other stuff besides docker-compose like kitematic anyways.