Permission denied while trying to connect to the Docker daemon socket

[harshSE]

I have provided below block to create docker image.

docker {
    name 'abc:1.0'
    files tasks.war.outputs 
    pull true
}

while running gradle docker on my linux mint I got below error

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.26/build?buildargs=%7B%7D&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&rm=1&shmsize=0&t=abc%3A1.0&ulimits=null: dial unix /var/run/docker.sock: connect: permission denied

I have already followed docker post-installation steps.

[pkoenig10]

@harshSE Have you verified that you can manually run docker commands without sudo (step 4 in the post-installation steps)? Specifically can you try running docker run hello-world?

[harshSE]

@pkoenig10 Thanks for the reply.

I have verified that docker run works without sudo.

I have tomcat 8 image and it run perfectlly without sudo harsh@harsh /mnt/data/ $ docker run tomcat8 13-Jul-2018 13:47:13.441 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server version: Apache Tomcat/8.5.16 13-Jul-2018 13:47:13.505 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Server built: Jun 21 2017 17:01:09 UTC

[harshSE]

Hi,

Is there any work-around for these ??

[hamza86]

same problem here.

[actionk]

@harshSE there are already some gradle daemons running on your machine with the old user permissions. you should either reboot or execute ./gradlew --stop

[pranavdaa]

sudo chmod 666 /var/run/docker.sock this command works for Linux based systems

[lsarkisov]

sudo chmod 644 /var/run/docker.sock and restart you system

[ademilua]

Did this $ newgrp docker

and Verify that i can run docker commands without sudo.

$ docker run hello-world

problem solved

[ademilua]

find out more https://www.maxybyte.com/2019/05/linux-command-hot-solutions.html

[srijitatech]

While doing production config i got the permission issue.I tried below solution to resolve the issue.

Error Message

ubuntu@node1:~$ docker run hello-world
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.38/containers/create: dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.

Solution: permissions of the socket indicated in the error message, /var/run/docker.sock:

ubuntu@node1:/var/run$ ls -lrth docker.sock
srw-rw---- 1 root root 0 Oct 17 11:08 docker.sock
ubuntu@ip-172-31-21-106:/var/run$ sudo chmod 666 /var/run/docker.sock
ubuntu@ip-172-31-21-106:/var/run$ ls -lrth docker.sock
srw-rw-rw- 1 root root 0 Oct 17 11:08 docker.sock

After changes permission for docket.sock then execute below command to check permissions.

ubuntu@node1:/var/run$ docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
1b930d010525: Pull complete
Digest: sha256:c3b4ada4687bbaa170745b3e4dd8ac3f194ca95b2d0518b417fb47e5879d9b5f
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

[ThomRoman]

thanks

[joelnbl]

sudo chmod 666 /var/run/docker.sock this command works for Linux based systems

This solved my problem

[sr4kaushal]

sudo chmod 666 /var/run/docker.sock this command worked for my Ubuntu 18.04 systems..Thanks!

[voa2000]

I am running docker swarm on ubuntu 18.04 and sudo chmod 666 /var/run/docker.sock worked for me. Was trying to deploy stack files through Jenkins.

[venkatamamidibathula]

Incase of linux

Follow the commands

sudo usermod -aG docker {user-name} exit

login back you will not see the error

[Doriangaensslen]

Please do not just chmod /var/run/docker.sock this is insecure, instead do this: sudo setfacl -m user:${USER}:rw /var/run/docker.sock otherwise everyone can access the docker API on that system

[jnprogrammer]

sudo chmod 666 /var/run/docker.sock this command works for Linux based systems

This solved my problem

This worked for me on Mint 20 Thanks !!

[Veverke]

I have two containers, one Ubuntu and one running Redhat 7.9. My problem is specifically not being able to run - in the redhat container only - a call to Docker.Dotnet's ListImages (fails with permission denied in /var/run/docker.sock). In the beginning, I was not able to issue any docker command without prefixing it with sudo. I then added the running user to the docker permissions group, and can issue docker commands without sudo. But Docker.Dotnet ListImages (which is simply a wrapper to docker api's images/json endpoint) still fails with the permission denied error on docker.sock. I tried all recommended above, to no avail.

I thought perhaps I should add the User=root (although this is not present in my Ubuntu service file, and therefore does not make much sense). I then realized that the ubuntu and redhat docker service files differ considerably.

Ubuntu:

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service
Wants=network-online.target
Requires=docker.socket

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd://
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity
# Uncomment TasksMax if your systemd version supports it.
# Only systemd 226 and above support this version.
TasksMax=infinity
TimeoutStartSec=0
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
# restart the docker process if it exits prematurely
Restart=on-failure
StartLimitBurst=3
StartLimitInterval=60s

[Install]
WantedBy=multi-user.target 

Redhat:

[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target rhel-push-plugin.service registries.service
Wants=docker-storage-setup.service
Requires=rhel-push-plugin.service registries.service
Requires=docker-cleanup.timer

[Service]
Type=notify
NotifyAccess=main
EnvironmentFile=-/run/containers/registries.conf
EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/sysconfig/docker-network
Environment=GOTRACEBACK=crash
Environment=DOCKER_HTTP_HOST_COMPAT=1
Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin
ExecStart=/usr/bin/dockerd-current \
          --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \
          --default-runtime=docker-runc \
          --authorization-plugin=rhel-push-plugin \
          --exec-opt native.cgroupdriver=systemd \
          --userland-proxy-path=/usr/libexec/docker/docker-proxy-current \
          --init-path=/usr/libexec/docker/docker-init-current \
          --seccomp-profile=/etc/docker/seccomp.json \
          $OPTIONS \
          $DOCKER_STORAGE_OPTIONS \
          $DOCKER_NETWORK_OPTIONS \
          $ADD_REGISTRY \
          $BLOCK_REGISTRY \
          $INSECURE_REGISTRY \
          $REGISTRIES
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
Restart=on-abnormal
KillMode=process

[Install]
WantedBy=multi-user.target

Any further guidance here ? The redhat authorization plugin looks suspicious...

[Veverke]

Solved it with the posted here.

[AhmedAdelDraz]

This makes it work for this user. sudo usermod -a -G docker ${USER}

[marzoukh]

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.24/build?buildargs=%7B%7D&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&rm=1&shmsize=0&t=msg-node-nodejs&target=&ulimits=null&version=1: dial unix /var/run/docker.sock: connect: permission denied

good morning everyone please i've this problem i want to execute et project but it is the result i h've it

[villflakken]

@AhmedAdelDraz

This makes it work for this user. sudo usermod -a -G docker ${USER}

thank you! :)

[xor2003]

You can try something like:

project.afterEvaluate {
    ['docker',
    ].each { String taskName ->
        tasks.named(taskName).configure { Exec dockerTask ->
            dockerTask.commandLine = ['sudo'] + dockerTask.commandLine
        }
    }
}