docker-py icon indicating copy to clipboard operation
docker-py copied to clipboard

Published 20 hours ago verified publisher icon docker

Cannot connect to `docker.sock` with the python sdk: `PermissionDenied`

Open pranjaldatta99 opened this issue 3 years ago • 0 comments

Issue

Connecting to the docker client on host machine via import docker; client = docker.from_env() fails with a PermissionDenied error. (Refer stack trace).

On my machine, docker needs to be explicitly run with sudo (i.e. $USER is not added to docker group or docker.sock doesn't have 777 permissions)

What I know

  • I understand this is because the docker client needs elevated permissions to run (with sudo).
  • I understand that there are two solutions for this (reference),
    1. Add current user $USER to docker group
    2. Give docker.sock 777 permission (very unsafe)

What I Want to know

  • What is the best practice / recommended solution to this?

Stack trace

>>> client = docker.from_env()
Traceback (most recent call last):
  File "/home/pranjaldatta/miniconda3/envs/pixxel/lib/python3.8/site-packages/urllib3/connectionpool.py", line 703, in urlopen
    httplib_response = self._make_request(
  File "/home/pranjaldatta/miniconda3/envs/pixxel/lib/python3.8/site-packages/urllib3/connectionpool.py", line 398, in _make_request
    conn.request(method, url, **httplib_request_kw)
  File "/home/pranjaldatta/miniconda3/envs/pixxel/lib/python3.8/http/client.py", line 1230, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/home/pranjaldatta/miniconda3/envs/pixxel/lib/python3.8/http/client.py", line 1276, in _send_request
    self.endheaders(body, encode_chunked=encode_chunked)
  File "/home/pranjaldatta/miniconda3/envs/pixxel/lib/python3.8/http/client.py", line 1225, in endheaders
    self._send_output(message_body, encode_chunked=encode_chunked)
  File "/home/pranjaldatta/miniconda3/envs/pixxel/lib/python3.8/http/client.py", line 1004, in _send_output
    self.send(msg)
  File "/home/pranjaldatta/miniconda3/envs/pixxel/lib/python3.8/http/client.py", line 944, in send
    self.connect()
  File "/home/pranjaldatta/miniconda3/envs/pixxel/lib/python3.8/site-packages/docker/transport/unixconn.py", line 30, in connect
    sock.connect(self.unix_socket)
PermissionError: [Errno 13] Permission denied

Other Details

  • OS Version: Ubuntu 20.04
  • Kernel: 5.15.0-46-generic
  • Docker Python sdk version: 6.0.0
  • Docker client version
lient: Docker Engine - Community
 Cloud integration: v1.0.24
 Version:           20.10.17
 API version:       1.41
 Go version:        go1.17.11
 Git commit:        100c701
 Built:             Mon Jun  6 23:02:57 2022
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.17
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.17.11
  Git commit:       a89b842
  Built:            Mon Jun  6 23:01:03 2022
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.7
  GitCommit:        0197261a30bf81f1ee8e6a4dd2dea0ef95d67ccb
 runc:
  Version:          1.1.3
  GitCommit:        v1.1.3-0-g6724737
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Would really appreciate any help!

pranjaldatta99 avatar Sep 19 '22 13:09 pranjaldatta99