🚀Launch Week 07, Jaunary 27th - 31st, 2025🚀
Powerpipe Hub 
Hub
Mods
turbot/docker_compliance
Overview
1Dashboards
88Controls
88Queries
2Variables
GitHub

Control: 2.1 Run the Docker daemon as a non-root user, if possible

Description

Rootless mode executes the Docker daemon and containers inside a user namespace, with both the daemon and the container are running without root privileges. Rootless mode allows running the Docker daemon and containers as a non-root user to mitigate potential vulnerabilities in the daemon and the container runtime

Remediation

Follow the current Docker documentation on how to install the Docker daemon as a non-root user

Default Value

The Docker daemon is running as the root user by default.

Usage

Run the control in your terminal:

powerpipe control run docker_compliance.control.cis_v160_2_1

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run docker_compliance.control.cis_v160_2_1 --share

SQL

This control uses a named query:

exec_docker_daemon_run_as_root_user

Tags

category = Compliance
cis = true
cis_item_id = 2.1
cis_level = 2
cis_section_id = 2
cis_type = manual
cis_version = v1.6.0
plugin = docker
service = Docker