fixup! fixup! [docs] Added description how to run task inside a docker container

Michal Tichák · Michal Tichák · commit e3d76708e1b7 · 2025-10-15T16:49:11.000+02:00
diff --git a/docs/running_docker.md b/docs/running_docker.md
@@ -2,7 +2,7 @@
 
 > ⚠️ **Warning**
 > This method is **not intended for production use**.
-> It serves only as a **proof of concept (POC)** for testing Docker images as part of an existing pipeline.
+> It serves only as a **proof of concept** for testing Docker images as part of an existing pipeline.
 >
 > Currently, it has been tested with the `alma9-flp-node` image running the *readout* component.
 
@@ -12,15 +12,16 @@
 
 ### 1. Manual Setup
 
-Before running tasks in Docker, ensure that the host machine has **Docker** installed.
+Before running tasks in Docker, ensure that the host machine has Docker installed.
 At the time of writing, Docker must be installed **manually**.
 
 > ⚠️ **Security Note**
-> The `flp` user must be able to run `sudo` **without a password**, because Docker requires root privileges.
+> The `flp` user must be able to run `sudo` **without a password**, because Docker requires root privileges because of inter process communication requirements
 >
-> This setup is **not safe for production systems**.
+> This setup is **potentially unsafe** for production systems. There exists rootless mode in Podman (alias for Docker at RHEL) which might solve safety
+> issues. However, we were not able to make this work for more than one container because of ipc requirements.
 
-Run the following commands as `root`:
+Run the following commands as `root` to add `flp` user to sudoers:
 
 ```bash
 usermod -aG wheel flp
@@ -33,15 +34,15 @@ echo '%wheel ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/90-wheel-nopasswd
 
 To run a task inside a Docker container on the executor, wrap the binary call in a `docker run` command within the [ControlWorkflows](https://github.com/AliceO2Group/ControlWorkflows) repository.
 
-For example, to run **readout**, modify the `_plain_command` section of [`readout.yaml`](https://github.com/AliceO2Group/ControlWorkflows/blob/master/tasks/readout.yaml) by adding a Docker command.
+For example, to run readout, modify the `_plain_command` section of [`readout.yaml`](https://github.com/AliceO2Group/ControlWorkflows/blob/master/tasks/readout.yaml) by adding a Docker command.
 
 > 🧩 **Note**
 > You must already have a Docker image that includes the required binary and configuration.
-> (Creating such an image is **outside the scope** of this document.)
+> (Creating such an image is outside the scope of this document.)
 
 #### Example Command
 
-When running *readout*, **Michal Tichak** successfully used the following command inside the `alma9-flp-node` image:
+When running readout, we successfully used the following command inside the `alma9-flp-node` image:
 
 ```bash
 sudo /usr/bin/docker run --name readout --replace \
@@ -53,6 +54,9 @@ sudo /usr/bin/docker run --name readout --replace \
   /opt/o2/bin/o2-readout-exe
 ```
 
+> 🧩 **Note**
+> We are not claiming that this is the most efficient way how to run this image, just that it works.
+
 #### Environment Variables
 
 To identify all required environment variables:
@@ -81,7 +85,7 @@ This ensures shared memory segments are created under the same user context.
 
 ## Tips and Tricks
 
-* Production systems running **RHEL** do not install native Docker via:
+* Production systems running RHEL do not install native Docker via:
 
   ```bash
   dnf install docker
