How solve permission problems for docker in ubuntu?

docker linux permissions ubuntu

I have installed docker as described here. I use Ubuntu Trusty 14.04 (LTS) (64-bit). Everything during installation was well. Also command $ sudo docker run -i -t ubuntu /bin/bash completes well (after I typed "exit" in opened console. But when I tryin to do something else I get "permission denied". For example:

`$ sudo docker run -d -P training/webapp python app.py`

Reuslts in Post http:///var/run/docker.sock/v1.12/containers/create: dial unix /var/run/docker.sock: permission denied

` docker info`

Reuslts in Get http:///var/run/docker.sock/v1.12/info: dial unix /var/run/docker.sock: permission denied

How to solve this? I googled about the problem but I can not find a solution for my case.


Solution 1:

Add the docker group if it doesn't already exist.

$ sudo groupadd docker

Add the connected user ${USER} to the docker group. Change the user name to match your preferred user.

$ sudo gpasswd -a ${USER} docker

Restart the Docker daemon:

$ sudo service docker restart # Or docker.io for older versions
# 18.04+ with snap:
$ sudo systemctl restart snap.docker.dockerd

You should log out and log in again to update group permissions. To avoid that, you can switch to a subshell as follows. Or use any of the other tricks mentioned in this question:

su - $USER

Solution 2:

If you're running CentOS or RedHat, you might have to disable SELinux first by running:

setenforce 0

Eiter restart afterwards to reenable SELinux or run setenforce 1.

Solution 3:

I had the same problem, due to selinux. You can check if selinux is the culprit by:

  1. Disabling selinux: setenforce 0
  2. Retrying

If disabling selinux solved your problem, it's not a reason to leave it disabled:

  1. Enable selinux: setenforce 1
  2. Allow the socket connection in the selinux configuration: setsebool docker_connect_any true
  3. Run your Docker container with the --priviledged option

Solution 4:

I assume, your username is already in docker group. To check this, issue below command.

id -nG

If not you need to add your user into the docker group by below command. 

sudo groupadd docker
sudo usermod -aG docker $USER

When you execute the command, sudo systemctl start docker, it creates a docker process. That docker process contains dockerd daemon thread. The command also creates default docker.sock Unix socket. The docker.sock socket is continuously listened by dockerd daemon thread. This makes you can do kernel-level IPC with docker.pid process. To be able to use this docker socket, you need to have proper permission from the process level (docker.pid) and file level (docker.sock). So, executing below two commands should solve your issue. sudo chmod a+rwx /var/run/docker.sock # You can provide just execute permission sudo chmod a+rwx /var/run/docker.pid

Related

Ubuntu 17.04 systemd-resolved DNS lookups randomly fail
Convert an MP3 from 48000 to 44100 Hz?
How to convert a VHDX file to VHD?
"will have to" in a past tense clause
"Everyone ask" or "Everyone asks"? [duplicate]
What's the appropriate tense here? [duplicate]
What is it called when two words are combined by overlapping each other?
Grammar related to "not only ... but also..."
Can I say that a painting or a photograph is polemical?
How do I use a question as an embedded quotation when it also deserves a comma?
Usage of "burn" as a form of mockery - How did it start?
Does the sign "Take Free" make sense?