stellars-jupyterhub-ds/docs/docker-socket-permissions.md
2026-01-22 01:46:37 +01:00

Docker Access Control

Group-based Docker access for user containers via two built-in groups.

| Group | Effect |
|-------|--------|
| docker-sock | Mounts /var/run/docker.sock |
| docker-privileged | Runs container with --privileged flag |

Implementation (config/jupyterhub_config.py):

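```python
BUILTIN_GROUPS = ['docker-sock', 'docker-privileged']

async def pre_spawn_hook(spawner):
    # Names of the JupyterHub groups the spawning user belongs to
    user_groups = {group.name for group in spawner.user.groups}
    if 'docker-sock' in user_groups:
        # Bind-mount the host's Docker socket into the user container
        spawner.volumes['/var/run/docker.sock'] = '/var/run/docker.sock'
    if 'docker-privileged' in user_groups:
        # Same effect as `docker run --privileged`
        spawner.extra_host_config['privileged'] = True
```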

Management: Admin panel /hub/admin -> Groups. The hook runs only at spawn time, so a user must restart their server after a membership change for it to take effect.

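Security: Both groups grant significant privileges. A container with /var/run/docker.sock mounted can control the host's Docker daemon, and a --privileged container runs without most container isolation; either amounts to root-level access to the host. Only grant membership to trusted users.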
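
Because membership changes apply only at the next spawn, a running container can keep the socket mount or privileged mode after its user has been removed from a group. The audit below is an added example, not part of the project's code: it compares live containers with current membership. It assumes the sample data shapes shown (constructed, modelled on JupyterHub's `GET /hub/api/groups` response and trimmed `docker inspect` output) and the container naming `jupyter-<username>`.

```python
import json

SOCK = "/var/run/docker.sock"

# Constructed sample: shape of JupyterHub's GET /hub/api/groups response.
GROUPS_JSON = """[
  {"name": "docker-sock", "users": ["alice"]},
  {"name": "docker-privileged", "users": ["alice"]}
]"""

# Constructed sample: trimmed `docker inspect` output for three user containers.
INSPECT_JSON = """[
  {"Name": "/jupyter-alice", "HostConfig": {"Privileged": false},
   "Mounts": [{"Source": "/var/run/docker.sock", "Destination": "/var/run/docker.sock"}]},
  {"Name": "/jupyter-bob", "HostConfig": {"Privileged": true}, "Mounts": []},
  {"Name": "/jupyter-carol", "HostConfig": {"Privileged": false},
   "Mounts": [{"Source": "/home/carol", "Destination": "/home/jovyan"}]}
]"""

def granted(container):
    """Return the group-equivalent privileges a container actually has."""
    have = set()
    if any(m.get("Source") == SOCK for m in container.get("Mounts") or []):
        have.add("docker-sock")
    if container.get("HostConfig", {}).get("Privileged"):
        have.add("docker-privileged")
    return have

def audit(groups, containers, prefix="jupyter-"):
    """Return sorted (user, privilege, status) mismatches with current membership."""
    members = {g["name"]: set(g["users"]) for g in groups}
    findings = []
    for c in containers:
        name = c["Name"].lstrip("/")
        if not name.startswith(prefix):  # skip non-user containers
            continue
        user = name[len(prefix):]
        have = granted(c)
        for priv in ("docker-sock", "docker-privileged"):
            entitled = user in members.get(priv, set())
            if priv in have and not entitled:
                findings.append((user, priv, "stale: restart server to revoke"))
            elif entitled and priv not in have:
                findings.append((user, priv, "pending: restart server to apply"))
    return sorted(findings)

if __name__ == "__main__":
    for row in audit(json.loads(GROUPS_JSON), json.loads(INSPECT_JSON)):
        print(*row, sep="\t")
```

A "stale" finding is the one to act on first: that container still holds host-level access its user is no longer entitled to.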