for-mac icon indicating copy to clipboard operation
for-mac copied to clipboard

Published 20 hours ago verified publisher icon docker

Docker Desktop for Mac does not work for multiple users

Open jcreek opened this issue 1 year ago • 11 comments

  • [x] I have tried with the latest version of Docker Desktop
  • [x] I have tried disabling enabled experimental features
  • [x] I have uploaded Diagnostics
  • Diagnostics ID: 4FC60621-3A08-4B5E-91A9-E5CB28EEFD9F/20230324234343

Expected behavior

When running docker commands from a different user account on the same Macbook I would expect to be able to run the commands.

Actual behavior

Even running with sudo the commands cannot be run. For example, running sudo docker ps results in Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

Switching to the user account that originally installed docker, that user can run everything absolutely fine.

Information

  • macOS Version: Ventura 13.2.1
  • Intel chip or Apple chip: Apple M2
  • Docker Desktop Version: v4.17.0

Output of /Applications/Docker.app/Contents/MacOS/com.docker.diagnose check

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied
[FAIL] DD0003: is the Docker CLI working? exit status 1

Steps to reproduce the behavior

  1. Set up two admin user accounts on a Mac.
  2. Install Docker Desktop for Mac on one of them.
  3. Run docker ps and see that it works.
  4. Switch to the other user account and open Docker Desktop for Mac.
  5. Run docker ps or sudo docker ps and see that neither works.

jcreek avatar Mar 24 '23 23:03 jcreek

Can confirm this is still broken in 4.18

jamess60 avatar Apr 23 '23 13:04 jamess60

Still broken in 4.19, it was working just fine in previous versions (4.16).

cleanDataApi avatar May 02 '23 17:05 cleanDataApi

Maybe the DOCKER_HOST must be pointing at the current user, since it uses the $HOME/.docker when it is installed (https://docs.docker.com/desktop/mac/permission-requirements/#installing-symlinks)

Quick fix:

Add export DOCKER_HOST=unix:///Users/$(whoami)/.docker/run/docker.sock to your .bashrc/.zshrc on your Mac source it. It should be working on the current user

or this export DOCKER_HOST=unix://$HOME/.docker/run/docker.sock

eznix86 avatar May 10 '23 10:05 eznix86

@stephen-turner Please review this ^

eznix86 avatar May 10 '23 10:05 eznix86

@eznix86 thanks for the workaround, works for me on M1 mac.

sherpc avatar May 13 '23 02:05 sherpc

This appears to work for me on an M2 Macbook Air. Thank you @eznix86 :)

For anyone finding this thread wanting a really quick way to get this working:

  1. Open a terminal in your home folder
  2. Confirm which shell you are using by running echo $SHELL - it will mention either bash or zsh
  3. In your home directory, either create or edit the relevant file, for example nano .zshrc
  • For bash this is .bashrc
  • For zsh this is .zshrc
  1. Paste the line export DOCKER_HOST=unix:///Users/$(whoami)/.docker/run/docker.sock at the bottom of the file
  2. Close and save the file - if you're editing using nano, press CTRL+X to exit, then y to save your changes and enter to confirm the file name, if it didn't already exist

jcreek avatar May 13 '23 08:05 jcreek

@eznix86 Thanks for the workaround bud, can confirm working Docker 4.18 on 13.3.1(a)

jamess60 avatar May 13 '23 13:05 jamess60

@eznix86 Thanks for the workaround. Can confirm working with Docker 4.19.0.

drakulovski avatar Jun 05 '23 22:06 drakulovski

FYI the new behavior for /var/run/docker.sock is documented here. Make sure to select the tab Version 4.18 and later.

Apparently, there is a new option during install w.r.t. /var/run/docker.sock and so I assume if you update an existing install it is defaulting to not set /var/run/docker.sock (which was the issue I also ran into on a multi user setup). FYI, the new option is under Settings > Advanced > Allow the default Docker socket to be used (requires password). This is a good thing in a multi-user setup b/c now you can run separate Docker Desktop instances simultaneously... so instead of checking the box, consider switching contexts:

Another workaround would be to use the context created by Docker Desktop specific to your user:

docker context use desktop-linux # maps to unix:///Users/foo/.docker/run/docker.sock
docker context ls

Using a context has the added benefit of persisting and applying beyond the current shell process.

g0t4 avatar Jun 11 '23 05:06 g0t4

I had same issue, 2 admin users (work/personal). When logged in to my work account I ran ls -l /var/run/docker.sock which showed me that my docker socket was looking at my personal path /var/run/docker.sock -> /Users/personal/.docker/run/docker.sock

As per @g0t4 advice I switched the Advance setting to look at User and not system. I then added export PATH=$PATH:~/.docker/bin to my .zshrc file and everything started to work.

more info here

Thanks to all those above 🙌

trig79 avatar Jun 13 '23 12:06 trig79

If you choose Install for me only instead of Install for all users of this computer it's not possible to complete a user- or system-level install. You have to remove the ~/.docker directory to get a password prompt and complete the installation.

macOS 14.4.1, 4.28.0

permission-denied

seanbethard avatar Apr 06 '24 11:04 seanbethard