DOCKER_TLS_VERIFY is always set

[navidshaikh]

From @hferentschik on November 23, 2015 21:44

DOCKER_TLS_VERIFY is hard coded to 1. In case someone changes the Docker daemon settings to disable TLS, adbinfo will not display the correct information.

The implementation should check the actual Docker configuration (aka whether 'tlsverify' is set) and report DOCKER_TLS_VERIFY accordingly.

Copied from original issue: projectatomic/vagrant-adbinfo#38

[navidshaikh]

@hferentschik : Exposing the docker daemon over TCP without TLS is unsafe. What use case is targeted for running daemon without TLS?

[navidshaikh]

From @bexelbie on December 18, 2015 4:7

I agree that not using TLS is a bad idea, however I think we should actually check for this, if reasonable for completeness.

[navidshaikh]

From @hferentschik on December 18, 2015 9:28

Exposing the docker daemon over TCP without TLS is unsafe. What use case is targeted for running daemon without TLS?

Not so much a concrete use case, but it is possible. Someone might just want to safe himself the trouble with certificates and change the setting in the VM. Good practice or not, adbinfo will then report a wrong value. It's not so much about whether it makes terribly sense, but about the correctness of the implementation.

[navidshaikh]

however I think we should actually check for this, if reasonable for completeness.

Given this use case, VSM needs to first check the configurations of daemon in the box and then present the information accordingly.