Write rights for docker.service

As the download speed from docker hub is slow here, I would like to add mirror(pass --registry-mirror= to ExecStart=/usr/bin/dockerd) to docker daemon. However, I don’t have the write right to edit /usr/lib/systemd/system/docker.service even login as root.

root@colibri-imx6-04836723:/usr/lib/systemd/system# whoami
root@colibri-imx6-04836723:/usr/lib/systemd/system# ls -lha docker.service                                                                            
-rw-r--r-- 2 root root 1.2K Jan  1  1970 docker.service
root@colibri-imx6-04836723:/usr/lib/systemd/system# vi docker.service

"docker.service" [readonly] 34 lines, 643820 characters


The seemingly arbitrary read/write permissions in Torizon are due to OSTree guidelines and how it expects the root file system to be structured.

That being said you have a couple of options here to edit the behavior of dockerd.

  • systemctl edit docker.service will allow you to edit a systemd override file. You can then override the behavior of ExecStart. Do note the behavior of systemd override files are additive so you must first blank out ExecStart then set it in the override to get the intended behavior you expect.
  • Your other option is to simply temporarily remount /usr as read-write with mount -o remount,rw /usr which will then just let you edit the service file directly.

Best Regards,

We are also working on tools that should allow you to add/change files in your image and distribute them as easy installer images and/or ostree updates via Here.
Those tool were actually working but something has been changed in our backend and now we need to allocate some time to fix them. I hope it’s happening in the coming weeks.
Another thing you can do if you are testing and already have the required containers on your PC is to transfer them via ssh. On your PC you can do:
docker save | ssh torizon@ “docker load”
In this way you can transfer a container from your machine to the target without having to update it on the hub.

@valter.tx thanks for updating. These tools are cool, because not every customer would like to upload their own docker image to docker hub.