Rootless docker uses wrong plugin sockets path

[jonasgeiler]

Description

I am currently trying to install rclone as a rootless docker volume plugin (adapting from the tutorial here), but when I try to create a volume using the rclone driver I always get the following:

$ docker volume create test -d rclone
Error response from daemon: create test: error looking up volume plugin rclone: plugin "rclone" not found

I looked at the source code to find out why docker can't find the plugin, and it looks like docker has the plugin sockets path hard-coded to /run/docker/plugins, while I'm using /run/user/1000/docker/plugins (or $XDG_RUNTIME_DIR/docker/plugins) for the rclone volume plugin. I expected /run/user/1000/docker/plugins/rclone.sock to be the path where I should put my plugin socket in rootless mode.
The line where the path is hard-coded is here:

moby/pkg/plugins/discovery.go

Line 21 in faf84d7

const defaultSocketsPath = "/run/docker/plugins"

But there's probably some other places too.

I think this issue is very similar to #43111 but has not been fixed yet. Also I'm pretty sure there was already a plugins folder in /run/user/1000/docker/, which is why I assumed the socket had to be created there.

Reproduce

0. Setup docker in rootless-mode
1. Install rclone (you might have to install fuse too)
2. Create ~/.config/systemd/user/docker-volume-rclone.service:

   [Unit]
   Description=Docker Volume Plugin for rclone (Rootless)
   Before=docker.service
   After=network.target docker-volume-rclone.socket
   Requires=docker-volume-rclone.socket docker.service
   
   [Service]
   ExecStart=/usr/bin/rclone serve docker \
     --base-dir $HOME/.local/share/docker-volumes/rclone \
     --socket-addr $XDG_RUNTIME_DIR/docker/plugins/rclone.sock
   ExecStartPre=/usr/bin/mkdir -p $HOME/.local/share/docker-volumes/rclone
   ExecStartPre=/usr/bin/mkdir -p $HOME/.local/share/docker-plugins/rclone/config
   ExecStartPre=/usr/bin/mkdir -p $HOME/.local/share/docker-plugins/rclone/cache
   Environment=RCLONE_CONFIG=$HOME/.local/share/docker-plugins/rclone/config/rclone.conf
   Environment=RCLONE_CACHE_DIR=$HOME/.local/share/docker-plugins/rclone/cache
   Environment=RCLONE_VERBOSE=1
   
   [Install]
   WantedBy=default.target
   

3. Create ~/.config/systemd/user/docker-volume-rclone.socket:

   [Unit]
   Description=Docker Volume Plugin for rclone (Rootless)
   
   [Socket]
   ListenStream=$XDG_RUNTIME_DIR/docker/plugins/rclone.sock
   
   [Install]
   WantedBy=sockets.target
   

4. Start the socket and service with systemctl --user start docker-volume-rclone.socket && systemctl --user start docker-volume-rclone.service
5. Run something like docker volume create test -d rclone -o type=sftp -o sftp-host=_hostname_ -o sftp-user=_username_ -o sftp-pass=_password_ -o allow-other=true

Expected behavior

The volume with the rclone driver is created successfully.

docker version

Client: Docker Engine - Community
 Version:           26.1.0
 API version:       1.45
 Go version:        go1.21.9
 Git commit:        9714adc
 Built:             Mon Apr 22 17:06:56 2024
 OS/Arch:           linux/amd64
 Context:           rootless

Server: Docker Engine - Community
 Engine:
  Version:          26.1.0
  API version:      1.45 (minimum version 1.24)
  Go version:       go1.21.9
  Git commit:       c8af8eb
  Built:            Mon Apr 22 17:06:56 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.31
  GitCommit:        e377cd56a71523140ca6ae87e30244719194a521
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
 rootlesskit:
  Version:          2.0.2
  ApiVersion:       1.1.1
  NetworkDriver:    slirp4netns
  PortDriver:       slirp4netns
  StateDir:         /run/user/1000/dockerd-rootless
 slirp4netns:
  Version:          1.2.0
  GitCommit:        656041d45cfca7a4176f6b7eed9e4fe6c11e8383

docker info

Client: Docker Engine - Community
 Version:    26.1.0
 Context:    rootless
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.14.0
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.26.1
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 26.1.0
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: false
  userxattr: true
 Logging Driver: local
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: e377cd56a71523140ca6ae87e30244719194a521
 runc version: v1.1.12-0-g51d5e94
 init version: de40ad0
 Security Options:
  seccomp
   Profile: builtin
  rootless
  cgroupns
 Kernel Version: 6.1.0-20-amd64
 Operating System: Debian GNU/Linux 12 (bookworm)
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 15.62GiB
 Name: ordon
 ID: 1fccb17f-15ef-431c-99a1-1c48dab9ddc2
 Docker Root Dir: /home/jonas/.local/share/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
 Default Address Pools:
   Base: 172.17.0.0/16, Size: 16
   Base: 172.18.0.0/16, Size: 16
   Base: 172.19.0.0/16, Size: 16
   Base: 172.20.0.0/14, Size: 16
   Base: 172.24.0.0/14, Size: 16
   Base: 172.28.0.0/14, Size: 16
   Base: 192.168.0.0/16, Size: 20
   Base: fd42:0000:03e8::/104, Size: 112

Additional Info

The temporary workaround I'm using is creating a file at ~/.local/lib/docker/plugins/rclone.spec with the following content:

unix:///run/user/1000/docker/plugins/rclone.sock

This works fine for now. Although I'd like to note that I tried putting this file in ~/.config/docker/plugins and that didn't work? Maybe another issue.