How to know if a docker container is running in privileged mode
Would like to know via bash script, if current running container was started in --privileged mode from inside the container (not from the host machine).
For now I'm stuck with passing an env var with the flag but is not an ideal solution.
Answer
From the docker host
Use the docker inspect command:
docker inspect --format='{{.HostConfig.Privileged}}' <container id>
And within a bash script you could have a test:
if [[ $(docker inspect --format='{{.HostConfig.Privileged}}' <container id>) == "false" ]]; then
echo not privileged
else
echo privileged
fi
From inside the container itself
You have to try to run a command that requires the --privileged flag and see if it fails
For instance ip link add dummy0 type dummy is a command which requires the --privileged flag to be successful:
$ docker run --rm -it ubuntu ip link add dummy0 type dummy
RTNETLINK answers: Operation not permitted
while
$ docker run --rm -it --privileged ubuntu ip link add dummy0 type dummy
runs fine.
In a bash script you could do something similar to this:
ip link add dummy0 type dummy >/dev/null
if [[ $? -eq 0 ]]; then
PRIVILEGED=true
# clean the dummy0 link
ip link delete dummy0 >/dev/null
else
PRIVILEGED=false
fi