How to know if a docker container is running in privileged mode
From the docker host
Use the docker inspect command:
docker inspect --format='{{.HostConfig.Privileged}}' <container id>
And within a bash script you could have a test:
if [[ $(docker inspect --format='{{.HostConfig.Privileged}}' <container id>) == "false" ]]; then echo not privilegedelse echo privilegedfi
From inside the container itself
You have to try to run a command that requires the --privileged
flag and see if it fails
For instance ip link add dummy0 type dummy
is a command which requires the --privileged
flag to be successful:
$ docker run --rm -it ubuntu ip link add dummy0 type dummyRTNETLINK answers: Operation not permitted
while
$ docker run --rm -it --privileged ubuntu ip link add dummy0 type dummy
runs fine.
In a bash script you could do something similar to this:
ip link add dummy0 type dummy >/dev/nullif [[ $? -eq 0 ]]; then PRIVILEGED=true # clean the dummy0 link ip link delete dummy0 >/dev/nullelse PRIVILEGED=falsefi
From inside the container, your docker commands (docker ps
or docker inspect
or any) will be available if your docker run
command has -v /var/run/docker.sock:/var/run/docker.sock