
podman unshare - docker rootless - nsenter

Ever since I switched to podman, I have really appreciated the rootless setup. Something about increased security. Recently I had to help someone out with docker rootless and I was really missing podman unshare, which basically is the unshare subcommand. Luckily something similar exists that can be used for docker rootless, namely nsenter. To execute a command in the namespace of the docker rootless daemon, you can use this:

    nsenter -U --preserve-credentials -n -t $(pgrep dockerd) somecommand
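The one-liner above breaks when pgrep prints more than one PID, for example when a rootful dockerd is also running on the host. The following wrapper is an added example, not part of the original post: it only accepts a dockerd that belongs to the current user and lives in a different user namespace. The function names and the PROC_ROOT override are hypothetical and exist only for this sketch.

```bash
#!/usr/bin/env bash
# Added example: resolve the rootless dockerd PID before calling nsenter.
# PROC_ROOT is a hypothetical override so the selection logic can be
# exercised against a constructed directory instead of the real /proc.
PROC_ROOT="${PROC_ROOT:-/proc}"

# Print the single PID among "$@" whose user namespace differs from ours.
# Returns 1 when zero or several candidates qualify.
pick_rootless_dockerd() {
    local self_ns pid ns match count
    match=""
    count=0
    self_ns=$(readlink "$PROC_ROOT/self/ns/user") || return 1
    for pid in "$@"; do
        # Entries we cannot read (another user's process, such as a
        # rootful dockerd) or that vanished are skipped.
        ns=$(readlink "$PROC_ROOT/$pid/ns/user" 2>/dev/null) || continue
        if [ "$ns" != "$self_ns" ]; then
            match=$pid
            count=$((count + 1))
        fi
    done
    [ "$count" -eq 1 ] || return 1
    printf '%s\n' "$match"
}

# Run a command in the user and network namespaces of the rootless daemon,
# using the same nsenter flags as the command in the post.
docker_unshare() {
    local pid
    # pgrep output is left unquoted on purpose: one argument per PID.
    # -u limits matches to our own processes, -x requires the exact name.
    pid=$(pick_rootless_dockerd $(pgrep -u "$(id -u)" -x dockerd)) || {
        echo "expected exactly one rootless dockerd for this user" >&2
        return 1
    }
    nsenter -U --preserve-credentials -n -t "$pid" "$@"
}
```

After sourcing the file, `docker_unshare ip addr` shows the interfaces as the rootless daemon sees them.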

Docker rootless - one masquerading bug to rule them all

Preferably I use podman, but sometimes you are forced to use docker. Ideally you then switch to docker rootless, because of, well, security. I noticed that the docker rootless installation instructions are not ideal (e.g. they contain a bug). It took me a while to figure it out, but I wanted to share it, especially since this might mean more people (who explicitly want or need to run docker) can run docker more safely (rootless).