Docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock

Question

I am new to docker. I just tried to use docker in my local machine(Ubuntu 16.04) with Jenkins.

I configured a new job with below pipeline script.

Answer 1

use below dockerfile

FROM jenkins/jenkins

USER root

# Install Docker
RUN apt-get update && \
    apt-get -y install apt-transport-https \
    ca-certificates \
    curl \
    gnupg2 \
    software-properties-common && \
    curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg > /tmp/dkey; apt-key add /tmp/dkey && \
    add-apt-repository \
    "deb [arch=amd64] https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
    $(lsb_release -cs) \
    stable" && \
    apt-get update && \
    apt-get -y install docker-ce


# Compose
RUN curl -L "https://github.com/docker/compose/releases/download/1.22.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose && chmod +x /usr/local/bin/docker-compose



RUN usermod -aG docker jenkins
RUN usermod -aG root jenkins

USER jenkins

Answer 2

In my case this will work successfully. navigate your local repo and enter this command.

sudo chmod 666 /var/run/docker.sock

Answer 3

Maybe you should run the docker with option "-u root" from the very beginning

At least that solved my problem

Answer 4

In my case, it was not only necessary add jenkins user to docker group, but make that group the primary group of the jenkins user.

# usermod -g docker jenkins
# usermod -a -G jenkins jenkins

Don't forget to reconnect the jenkins slave node or restart the jenkins server, depend on your case.

Answer 5

I`m using the official jenkins docker image (https://hub.docker.com/r/jenkins/jenkins) but I think this solution is applicable to most use cases where we want to run Docker inside a Docker container.

The recommended way for using Docker inside a Docker container, is to use the Docker deamon of the host system. Good article regarding that: https://itnext.io/docker-in-docker-521958d34efd.

The secret to handle the permission issue, which this question is about, is to add permissions for the user of the container inside the container, not the host system. Only root user has permissions to do that by default, so

docker exec -it -u root <container-name> bash
usermod -a -G docker <username>

will do it. Remember to restart the container.

I guess the simpliest way to achive this is to create a customised Dockerfile:

# Official jenkins image
FROM jenkins/jenkins:lts
# Swith to root to be able to install Docker and modify permissions
USER root
RUN apt-get update
# Install docker
RUN curl -sSL https://get.docker.com/ | sh
# Add jenkins user to docker group
RUN usermod -a -G docker jenkins
# Switch back to default user
USER jenkins

# Bild the image:
# sudo docker build -t yourusername/imagename .
# Run the image and mount with the followin bind mount option:
# sudo docker run --name imagename -d -p8080:8080 -v /var/run/docker.sock:/var/run/docker.sock yourusername/imagename

Answer 6

I am running Jenkins inside a docker container. The simplest solution for me was to make a custom image that dynamically sets the GID, like:

FROM jenkins/jenkins:lts
...
CMD DOCKER_GID=$(stat -c '%g' /var/run/docker.sock) && \
    groupadd -for -g ${DOCKER_GID} docker && \
    usermod -aG docker jenkins && \
    sudo -E -H -u jenkins bash -c /usr/local/bin/jenkins.sh

See: https://github.com/jenkinsci/docker/issues/263

Alternatively you could launch jenkins with the following options:

-v /var/run/docker.sock:/var/run/docker.sock \
-u jenkins:$(getent group docker | cut -d: -f3)

This assumes your jenkins image has docker client installed. See: https://getintodevops.com/blog/the-simple-way-to-run-docker-in-docker-for-ci