LibrePortal/scripts/checks/requirements/check_docker_rootless.sh
librelad 8b14f26125 refactor(desudo): route scattered runtime sudo through privilege helpers
Convert the remaining ad-hoc 'sudo' calls across the data plane to the
run_privileged helpers so every file op lands as the correct owner with
no blanket root:

- DB/configs (manager-owned): db_list_all_apps, delete_db_file,
  install_sqlite, cli_webui_commands -> runInstallOp
- containers (dockerinstall-owned): scan_container_socket, delete_data,
  webui_task_files, webui_app_log, webui_config_patch,
  application_missing_variables, uninstall_app -> runFileOp/runFileWrite
- genuine root: passwd, tailscale, ufw-docker, sysctl grep, systemd
  unit read, authorized_keys read, nobody chown -> runSystem
- interactive editors and 'id -u': drop sudo entirely (run as caller)
- owncloud/adguard container-UID config edits -> runSystem (funnel;
  docker-exec rework deferred)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-24 18:00:19 +01:00

14 lines
342 B
Bash
Executable File

#!/bin/bash
checkDockerRootlessRequirement()
{
if [[ $CFG_DOCKER_INSTALL_TYPE == "rootless" ]]; then
### Docker Rootless
if runSystem grep -q "ROOTLESS" $sysctl; then
isSuccessful "Docker Rootless appears to be installed."
else
isNotice "Docker Rootless does not appear to be installed."
((preinstallneeded++))
fi
fi
}