How to fix “dial unix /var/run/docker.sock: connect: permission denied” when group permissions seem correct?

爱一瞬间的悲伤 2021-01-30 10:01

I'm suddenly having issues after an update of Ubuntu 18.04: previously I've used docker without issue on the system, but suddenly I cannot. As far as I can tell, the permissio

7 answers
  • 2021-01-30 10:39

    Ubuntu 18.04

    sudo setfacl --modify user:$USER:rw /var/run/docker.sock
    
  • 2021-01-30 10:41
    sudo setfacl --modify user:<user name or ID>:rw /var/run/docker.sock
    

    It doesn't require a restart and is more secure than usermod or chown.

    As @mirekphd pointed out, the user ID is required when the user name only exists inside the container, but not on the host.

  • 2021-01-30 10:49

    Somehow, I found this page when I didn't have correct permissions on my docker.sock after my Docker installation. So, if you have the same issue, you can read this:

    $ sudo adduser $USER docker

    does not work because the group is "root" not "docker"

    $ ls -l /var/run/docker.sock
    srw-rw---- 1 root root 0 Jul 11 09:48 /var/run/docker.sock

    so it should be

    $ sudo adduser $USER root

    from a non-snap installed machine, the group is "docker"

    # ls -l /var/run/docker.sock
    srw-rw---- 1 root docker 0 Jul 3 04:18 /var/run/docker.sock

    The correct way is, according to docker.help, you have to run the following BEFORE sudo snap install docker

    $ sudo addgroup --system docker
    $ sudo adduser $USER docker
    $ newgrp docker

    then the group will be "docker"

    $ ls -l /var/run/docker.sock
    srw-rw---- 1 root docker 0 Jul 11 10:59 /var/run/docker.sock

    Source: https://github.com/docker-archive/docker-snap/issues/1 (yes, first issue :D)

    The easiest way to fix it is to run:

    $ sudo setfacl -m "g:docker:rw" /var/run/docker.sock
    

    And then, as already mentioned, run the following commands for your user:

    $ sudo addgroup --system docker
    $ sudo adduser $USER docker
    $ newgrp docker
    

    That's it :) Have fun!

  • 2021-01-30 10:51

    Specific to Ubuntu, there is a known issue with lightdm that removes secondary groups from the user as part of the GUI login. You can follow that issue here: https://bugs.launchpad.net/lightdm/+bug/1781418

    You can try switching off of lightdm or apply the workaround mentioned in the bug report:

    [Comment out the below lines from /etc/pam.d/lightdm:]

    auth optional pam_kwallet.so
    auth optional pam_kwallet5.so
    

    Temporary options include logging into your machine with something like an ssh or su -l command, or running the newgrp docker command. These will only affect the current shell and would need to be done again with each new terminal.


    Outside of this issue, the general commands to give a user direct access to the docker socket (and therefore root access to the host) are:

    sudo usermod -aG docker $(id -un) # you can often use $USER in place of the id command
    newgrp docker # affects the current shell, logging out should affect all shells
    
  • 2021-01-30 10:52

    I did the quick fix and it worked immediately.

    sudo chmod 777 /var/run/docker.sock
    
  • 2021-01-30 10:56

    Add the user to the docker group.

    sudo usermod -aG docker $USER
    sudo reboot
    
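
A diagnostic for the cases the answers above describe, as an added example that is not part of the original thread: it compares the socket's mode and owning group with the groups recorded for the account and the groups the current shell actually holds, which separates the lightdm/newgrp case (membership configured but not active in this login) from a missing membership, and reports a socket left world-writable by chmod 777. The helper names are this example's own, and check_live assumes GNU stat.

```shell
#!/bin/sh
# Added example, not from the thread. Helper names are this example's own.
# ACL entries (setfacl) are not evaluated; inspect those with getfacl.

has_word() {   # has_word "space separated list" word
    case " $1 " in *" $2 "*) return 0 ;; esac
    return 1
}

rw_digit() {   # true if an octal permission digit grants read+write
    case $1 in 6|7) return 0 ;; esac
    return 1
}

# classify_access MODE SOCK_GROUP DB_GROUPS SESSION_GROUPS
#   MODE            octal socket mode, e.g. 660
#   SOCK_GROUP      group owning the socket (docker, or root as in the snap case)
#   DB_GROUPS       groups recorded for the account:     id -nG "$(id -un)"
#   SESSION_GROUPS  groups the running shell really has: id -nG
classify_access() {
    ca_rest=${1%?}
    ca_other=${1#"$ca_rest"}             # last digit: everyone else
    ca_group=${ca_rest#"${ca_rest%?}"}   # middle digit: owning group
    if rw_digit "$ca_other"; then
        echo WORLD_WRITABLE   # any local account can drive the daemon
    elif ! rw_digit "$ca_group"; then
        echo GROUP_HAS_NO_RW
    elif has_word "$4" "$2"; then
        echo OK
    elif has_word "$3" "$2"; then
        echo STALE_SESSION    # membership exists but this login lacks it
    else
        echo NOT_IN_GROUP
    fi
}

check_live() {   # gather the four inputs from the running system
    cl_sock=${1:-/var/run/docker.sock}
    classify_access "$(stat -c %a "$cl_sock")" "$(stat -c %G "$cl_sock")" \
        "$(id -nG "$(id -un)")" "$(id -nG)"
}

if [ -S /var/run/docker.sock ]; then check_live; fi
```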