Permission denied when running Docker after installing it as a Snap

Question

I've installed Docker through the Software store, which indicated that it was a Snap package. Which is fine by me, I guess, but unfortunately, every Docker command I've tried doesn't work:

$ docker info
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.30/info: dial unix /var/run/docker.sock: connect: permission denied

Any idea how to fix this?

Edit: I've worked around this for now by installing Docker from Docker's own repositories, which might work for people browsing this question in the future as well. I'm leaving the question open for those who want to be able to run it from the Snap, though.

Installed docker from docker official repos. Docker was already running when I added my user to `docker` group, `id -nG` did not show docker and any `docker` command resulted in a permission denied error. Logging out and back in did not work because docker system process keeps running. Rebooting system or restarting docker showed user as part of docker group and allowed executing docker commands. NOTE: 0 rep, can't add comment. — Santosh Patel, Oct 29 '19 at 12:05

score 78 · Accepted Answer · answered Dec 27 '17 at 23:51

78

This is from the GitHub page, did you try these exact steps:

If you are using Ubuntu Core 16,

Connect the docker:home plug as it's not auto-connected by default:

$ sudo snap connect docker:home

If you are using an alternative snap-compatible Linux distribution ("classic" in snap lingo), and would like to run docker as a normal user:

Create and join the docker group.

$ sudo addgroup --system docker
$ sudo adduser $USER docker
$ newgrp docker

You will also need to disable and re-enable the docker snap if you added the group while it was running.

$ sudo snap disable docker
$ sudo snap enable docker

From Docker snap github

answered Dec 27 '17 at 23:51

Mike Coleman

896
7
2

I hadn't seen that page, so thanks for the link. That said, since I'm not using Ubuntu Core, I'd have to follow the `addgroup` instructions, which I think is about what I did, as per the other answers. Unfortunately I'd prefer not to touch the currently working system anymore, but I'd love to hear it if someone else tries this and does manages to get it to work. – Vincent Dec 31 '17 at 10:09
2

disabling/enabling docker snap did the trick for me, thanks – Manish Kumar Jun 13 '18 at 16:23
3

This applies to Ubuntu (Desktop) 19.04 too. – Nick Breen Apr 19 '19 at 08:23
Worked for me! Simply restarting the Docker engine was not enough. I had to disable and then enable it exactly as shown in the answer. – Jeroen Nov 25 '21 at 22:20
Perfect answer.. – BTR Naidu Nov 22 '22 at 15:44
The "alternative" steps worked for me for Ubuntu Server 22.04.1 – mix3d Feb 17 '23 at 19:50
`sudo snap disable docker` and `sudo snap enable docker` did the trick! Thanks! – Slavik Meltser Feb 20 '23 at 08:29
I followed the steps exactly to create and join the docker group, then disable/enable, but I also had to reboot. First I tried logging out and in again but it wasn't enough. (Ubuntu 22.04.2 Kernel 6.1.0) – w-sky Jul 02 '23 at 21:52

score 32 · Answer 2 · edited Apr 17 '18 at 15:43

32

The error message tells you that your current user can’t access the docker engine, because you’re lacking permissions to access the unix socket to communicate with the engine.

Temporary solution

Use the sudo command to execute the commands with elevated permissions every time.

Permanent (suggested) solution

Add the current user to the docker group. This can be achieved by typing

sudo usermod -a -G docker $USER

You have to log out and log in again for the group membership to take effect.

Source: techoverflow.net

edited Apr 17 '18 at 15:43

Michael Hays

103
4

answered Aug 01 '17 at 09:35

ADDB

1,570
1
12
20

2

Your Google-fu is better than mine, apparently. Unfortunately, this doesn't work. First of all, the `docker` group did not exist. I then first ran `sudo addgroup docker` and then reran your command, then logged out and in again. Unfortunately, the error shown in the question persists... – Vincent Aug 01 '17 at 09:46
2

@Vincent you didn't forget group changes don't take place immediately, did you? Try `newgrp docker` or logging out and in. – ADDB Aug 01 '17 at 09:51
Nope, sorry, forgot to mention that - I updated my comment while you responded :) Running `groups vincent` gives: `vincent adm cdrom sudo dip plugdev lpadmin sambashare docker` – Vincent Aug 01 '17 at 09:52
@Vincent just for reference, your docker daemon is started, right? Try `sudo /etc/init.d/docker status` or `sudo service docker status` to test this. – ADDB Aug 01 '17 at 09:55
Hmm, I don't think those work due to it being a Snap: http://paste.ubuntu.com/25219172/ That said, `ps cax | grep dockerd` does give `31034 ? Ssl 0:05 dockerd`. – Vincent Aug 01 '17 at 10:00
@Vincent it's `dockerd` for the daemon, my bad. – ADDB Aug 01 '17 at 10:03
Same results: http://paste.ubuntu.com/25219387/ – Vincent Aug 01 '17 at 10:17

score 8 · Answer 3 · answered Jul 18 '18 at 23:36

I assume, your username is already in docker group. To check this, issue below command.

id -nG

If not you need to add your user into the docker group by below command.

sudo groupadd docker
sudo usermod -aG docker $USER

When you execute the command, sudo systemctl start docker, it creates a docker process. That docker process contains dockerd daemon thread. The command also creates default docker.sock Unix socket. The docker.sock socket is continuously listened by dockerd daemon thread. This makes you can do kernel-level IPC with docker.pid process. To be able to use this docker socket, you need to have proper permission from the process level (docker.pid) and file level (docker.sock). So, executing below two commands should solve your issue. sudo chmod a+rwx /var/run/docker.sock # You can provide just execute permission sudo chmod a+rwx /var/run/docker.pid

Only this working for ubuntu 18.04. Thanks a lot Uddhav Gautam — Sabbir, Aug 28 '18 at 05:33

Nahshon paz · Answer 4 · 2019-05-23T06:35:46.783

7

sudo setfacl -m user:your_user_name:rw /var/run/docker.sock

doesn't require a restart and is more secure

edited May 23 '19 at 06:35

answered Feb 03 '19 at 14:56

Nahshon paz

171
2
4

Can you explain what this command is doing and how it works? – mix3d Feb 17 '23 at 19:47
1

@mix3d basically https://linux.die.net/man/1/setfacl , but I keep getting +1s for this answer (see the comments please): https://stackoverflow.com/questions/51342810/how-to-fix-dial-unix-var-run-docker-sock-connect-permission-denied-when-gro/54504083#54504083 – Nahshon paz Feb 18 '23 at 21:30

score 1 · Answer 5 · edited Dec 20 '17 at 14:46

1

You should add the user to the Docker group (see the official docs).

You can add sudo in front of the command or you can add the user in the docker group by using this command:

sudo usermod -aG docker <USER>

Log out and log back in so that your group membership is re-evaluated.

edited Dec 20 '17 at 14:46

David Foerster

35,754
55
92
145

answered Dec 05 '17 at 19:04

Heesen Ponnusawmy

11
2

Since that content at that link can disappear, please add the relevant details here. – Chai T. Rex Dec 05 '17 at 19:23
1

No need, the other answer already mentioned adding the user to the group - it didn't help. (Also, no reason why that would help for the Snap install but not for the regular install.) – Vincent Dec 07 '17 at 06:29

Permission denied when running Docker after installing it as a Snap

5 Answers5

Temporary solution

Permanent (suggested) solution