How to fix docker Got permission denied issue

Question

I installed Docker in my machine where I have Ubuntu OS  When I run  sudo docker run hello-world  All is ok  but I want to hide the word sudo to make more short the command  If I write the command without the word sudo docker run hello-world  That displays the following   docker  Got permission denied while trying to connect to the Docker daemon socket at unix    var run docker sock  Post http    2Fvar 2Frun 2Fdocker sock v1 35 containers create  dial unix  var run docker sock  connect  permission denied  See  docker run --help    It has happened the same when I try to make  docker-compose up  How can I resolve this

User · Answer

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.40/images/json: dial unix /var/run/docker.sock: connect: permission denied

sudo chmod 666 /var/run/docker.sock

This fix my problem.

User · Answer

lightdm and kwallet ship with a bug that seems to not pass the supplementary groups at login  To solve this  I also  beside sudo usermod -aG docker  USER  had to comment out  auth optional pam kwallet so auth optional pam kwallet5 so   to   auth optional pam kwallet so  auth optional pam kwallet5 so   in  etc pam d lightdm before rebooting  for the docker-group to actually have effect   bug  https   bugs launchpad net lightdm  bug 1781418 and here  https   bugzilla redhat com show bug cgi id 1581495

User · Answer

To fix that issue  I searched where is my docker and docker-compose installed  In my case  docker was installed in  usr bin docker and docker-compose was installed in  usr local bin docker-compose path  Then  I write this in my terminal   To docker   sudo chmod  x  usr bin docker   To docker-compose   sudo chmod  x  usr local bin docker-compose   Now I don t need write in my commands docker the word sudo                                                                             ERRATA   The best solution of this issue was commented by  mkasberg  I quote comment   That might work  you might run into issues down the road  Also  it s a security vulnerability  You d be better off just adding yourself to the docker group  as the docs say  sudo groupadd docker  sudo usermod -aG docker  USER  Docs  https   docs docker com install linux linux-postinstall   Thanks a lot

User · Answer

After you installed docker  created  docker  group and added user to it  edit docker service unit file   sudo nano  usr lib systemd system docker service   Add two lines into the section  Service    SupplementaryGroups docker     ExecStartPost  bin chmod 666  var run docker sock   Save the file  Ctrl-X  y  Enter   Run and enable the Docker service   sudo systemctl daemon-reload sudo systemctl start docker sudo systemctl enable docker

User · Answer

After an upgrade I got the permission denied  Doing the steps of  mkb  post install steps don t have change anything because my user was already in the  docker  group  I retry-it twice any way without success   After an search hour this following solution finaly worked    sudo chmod 666  var run docker sock   Solution came from Olshansk   Look like the upgrade have recreate the socket without enough permission for the  docker  group   Problems  This hard chmod open security hole and after each reboot  this error start again and again and you have to re-execute the above command each time   I want a solution once and for all  For that you have two problems     1  Problem with SystemD   The socket will be create only with owner  root  and group  root    You can check this first problem with this command     ls -l  lib systemd system docker socket   If every this is good  you should see  root docker  not  root root   2   Problem with graphical Login   https   superuser com questions 1348196 why-my-linux-account-only-belongs-to-one-group  You can check this second problem with this command     groups   If everything is correct you should see the docker group in the list  If not try the command   sudo su  USER  -c groups   if you see then the docker group it is because of the bug    Solutions  If you manage to to get a workaround for the graphical login  this should do the job    sudo chgrp docker  lib systemd system docker socket sudo chmod g w  lib systemd system docker socket   But If you can t manage this bug  a not so bad solution could be this    sudo chgrp  USER  lib systemd system docker socket sudo chmod g w  lib systemd system docker socket   This work because you are in a graphical environnement and probably the only user on your computer  In both case you need a reboot  or an  sudo chmod 666  var run docker sock

User · Answer

I ran into a similar problem as well  but where the container I wanted to create needed to mount  var run docker sock as a volume  Portainer Agent   while running it all under a different namespace  Normally a container does not care about which namespace it is started in -- that is sort of the point -- but since access was made from a different namespace  this had to be circumvented  Adding --userns host to the run command for the container enabled it to use the attain the correct permissions  Quite a specific use case  but after more research hours than I want to admit I just thought I should share it with the world if someone else ends up in this situation

User · Answer

Add docker group      sudo groupadd docker    Add your current user to docker group      sudo usermod -aG docker  USER    Switch session to docker group      newgrp - docker    Run an example to test     docker run hello-world

User · Answer

Rebooting the machine worked for me    reboot

User · Answer

use this command   sudo usermod -aG docker  USER   then restart your computer this worked for me

User · Answer

You can always try Manage Docker as a non-root user paragraph in the https   docs docker com install linux linux-postinstall  docs    After doing this also if the problem persists then you can run the following command to solve it   sudo chmod 666  var run docker sock

User · Answer

you can follow these steps and this will work for you    create a docker group  sudo groupadd docker add your user to this group sudo usermod -aG docker  USER list the groups to make sure that docker group created successfully by running this command groups run the following command also to change the session for docker group newgrp docker change the group ownership for file docker socksudo chown root docker  var run docker sock change the ownership for  docker directory sudo chown   USER    USER   home   USER   docker -R finally sudo chmod g rwx   HOME  docker  -R   After that test you can run docker ps -a

User · Answer

It only requires the changes in permission of sock file  sudo chmod 666  var run docker sock  this will work definately

User · Answer

If you want to run docker as non-root user then you need to add it to the docker group    Create the docker group if it does not exist    sudo groupadd docker   Add your user to the docker group     sudo usermod -aG docker  USER   Run the following command or Logout and login again  and run  that doesn t work you may need to reboot your machine first     newgrp docker    Check if docker can be run without root    docker run hello-world  Reboot if still got error   reboot  Taken from the docker official documentation  manage-docker-as-a-non-root-user

User · Answer

A simple hack is to execute as a  quot Super User quot   To access the super user or root user  follow  At user computer   sudo su  After you enter your password  you ll be at root computer   docker run hello-world

User · Answer

just open terminal and type this command sudo chmod 666  var run docker sock

User · Answer

Seriously guys  Do not add Docker in your groups or modifies the socket posix  without a hardening SELinux   it s a simple way to make a root privesc  Just add an alias in your  bashrc  it s simpler and safer as   alias dc  sudo docker

User · Answer

sudo chmod 666  var run docker sock  this helped me while i was getting error even to log in to the docker But now this works completely fine in my system

User · Answer

This work for me  Get inside the container and modify the file s ACL sudo usermod -aG docker  USER sudo setfacl --modify user  USER rw  var run docker sock  It s a better solution than use chmod

User · Answer

We always forget about ACLs   See setfacl   sudo setfacl -m user  USER rw  var run docker sock

User · Answer

I solve this error with the command      sudo chmod 666  var run docker sock

User · Answer

It is definitely not the case the question was about  but as it is the first search result while googling the error message  I ll leave it here  First of all  check if docker service is running using the following command  systemctl status docker service If it is not running  try starting it  sudo systemctl start docker service     and check the status again  systemctl status docker service If it has not started  investigate the reason  Probably  you have modified a config file and made an error  like I did while modifying  etc docker daemon json

User · Answer

After Docker Installation on Centos  While running below command I got below error    centos aiops-dev-cassandra3     docker run hello-world docker  Got permission denied while trying to connect to the Docker daemon socket at unix    var run docker sock  Post http    2Fvar 2Frun 2Fdocker soc k v1 40 containers create  dial unix  var run docker sock  connect  permission denied  See  docker run --help     Change Group and Permission for docker socket   centos aiops-dev-cassandra3     ls -l  lib systemd system docker socket -rw-r--r--  1 root root 197 Nov 13 07 25  lib systemd system docker socket  centos aiops-dev-cassandra3     sudo chgrp docker  lib systemd system docker socket  centos aiops-dev-cassandra3     sudo chmod 666  var run docker sock  centos aiops-dev-cassandra3     ls -lrth  var run docker sock srw-rw-rw-  1 root docker 0 Nov 20 11 59  var run docker sock  centos aiops-dev-cassandra3       Verify by using below docker command   centos aiops-dev-cassandra3     docker run hello-world Unable to find image  hello-world latest  locally latest  Pulling from library hello-world 1b930d010525  Pull complete Digest  sha256 c3b4ada4687bbaa170745b3e4dd8ac3f194ca95b2d0518b417fb47e5879d9b5f Status  Downloaded newer image for hello-world latest  Hello from Docker  This message shows that your installation appears to be working correctly   To generate this message  Docker took the following steps   1  The Docker client contacted the Docker daemon   2  The Docker daemon pulled the  hello-world  image from the Docker Hub       amd64   3  The Docker daemon created a new container from that image which runs the     executable that produces the output you are currently reading   4  The Docker daemon streamed that output to the Docker client  which sent it     to your terminal   To try something more ambitious  you can run an Ubuntu container with     docker run -it ubuntu bash  Share images  automate workflows  and more with a free Docker ID   https   hub docker com   For more examples and ideas  visit   https   docs docker com get-started    centos aiops-dev-cassandra3

User · Answer

In Linux environment  after installing docker and docker-compose reboot is required for work docker better    reboot  OR restart the docker   sudo systemctl restart docker

User · Answer

Add current user to docker group   sudo usermod -aG docker  USER    Change the permissions of docker socket to be able to connect  to the docker daemon  var run docker sock   sudo chmod 666  var run docker sock

[docker] How to fix docker: Got permission denied issue

Examples related to docker

Examples related to docker-compose