Computer Systems Lab
Connecting & Supporting the Computer Sciences Department


Computer Sciences is now deploying Docker on request in rootless mode. This has several advantages over the standard Docker install.

  • Special permissions/access are not required to run the docker command.
  • No one but you can access/manipulate containers that are run by you.
  • If the Docker service is started within a login session, it inherits your access to AFS.
Docker on workstations is a good tool for development, trying new services, and isolating tools/data from the host computer/operating system. For long term deployment of services used by others, please consult the Computer Systems Lab.

Starting Docker

With the default configuration, the Docker service will not be running when you log in. To start the service, run:

systemctl --user start docker.service

Running Docker at System Boot

Normally, the user Docker service will only run when you are logged in. To get the service to run even if you are not logged in, run the following commands:

loginctl enable-linger
systemctl --user enable docker.service
Due to the authentication requirements of the AFS flle system, Docker will not have access to your AFS files/folders when started outside of your session.


Because this version of Docker runs as you instead of root, it does have a few limitations.

  • Docker cannot expose ports under 1024.
  • Docker cannot access files/devices you do not have access to.

Requesting Docker

To request Docker on your workstation, please contact with the name of the computer you would like Docker configured on.