“Permission Denied While Trying to Connect to the Docker Daemon Socket” Error

1. Introduction

Owing to their numerous benefits, containers have become the IT industry’s buzzword regarding technology. The Docker platform is the most well-known and commonly used container platform, with a sizable developer community.

The permission error is the most common issue dealt with in the context of software while accessing it.

In this article, we’ll explore the causes of this error and provide solutions to fix it, including using sudo, adding users to the Docker group, and changing Docker’s permissions.

Without any further ado, let’s get into the nitty-gritty details of it.

2. Troubleshooting the Docker Socket Connection Issue

Docker Engine is a complete container runtime environment that includes the Docker CLI, Docker API, and Docker daemon. Further, the Docker daemon is a background process that runs on a host machine; it receives the request from the Docker CLI or client and connects to the Docker API for managing Docker containers, images, volumes, networks, and other Docker objects.

Also, it uses the Unix Network Socket for communicating between the Docker client and daemon:

$ docker run ubuntu:latest /bin/bash
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/create": dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.
$

Clients always experience this “Permission denied while trying to connect to the Docker daemon socket” error whenever the user doesn’t have the appropriate access rights to the Docker daemon socket. The daemon sockets won’t be accessible by default to any non-root users.

However, adding a user to the Docker group and providing read-write permissions to the daemon sock file will help to evade this issue.

3. Resolving Permission Errors with Docker and User Privileges

There are multiple ways to resolve this permission issue. Let’s start with a temporary solution to solve this problem. As a quick fix, we can use the sudo (superuser do) command in Linux to elevate the privileges or permissions of the user. It will further help us run the Docker commands without any issues:

$ sudo docker run -it ubuntu:latest /bin/bash
[sudo] password for baeldunguser:
[email protected]:/#

Now, follow the steps below to permanently resolve the permission issue on accessing the Docker daemon socket.

First, check whether the Docker user group is available on the host machine. If not, we can add it using groupadd command:

$ sudo groupadd docker

$ getent group docker
docker:x:999:

$ awk -F':' '/docker/{print $4}' /etc/group

Next, let’s add the user to the Docker group, which grants the necessary access rights to the Docker daemon socket:

$ sudo usermod -aG docker baeldunguser

To make the changes effective, we must log out of the previous session and re-enter the new session after adding the user to the docker group:

$ getent group docker
docker:x:999:baeldunguser

$ awk -F':' '/docker/{print $4}' /etc/group
baeldunguser

Then, use the chmod command to modify the read-write permissions of the sock file:

$ sudo ls -la /var/run/docker.sock
[sudo] password for baeldunguser: 
srw-rw---- 1 root docker 0 Mar 13 06:05 /var/run/docker.sock

$ sudo chmod 666 /var/run/docker.sock

$ ls -la /var/run/docker.sock
srw-rw-rw- 1 root docker 0 Mar 13 06:05 /var/run/docker.sock

Lastly, apply the configuration changes by restarting the Docker daemon service using the service docker restart command:

$ sudo service docker restart
$ sudo service docker status
● docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
   Active: active (running) since Mon 2023-03-13 07:23:16 IST; 2s ago
     Docs: https://docs.docker.com
 Main PID: 10196 (dockerd)
    Tasks: 13
   CGroup: /system.slice/docker.service
           └─10196 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock

Now, we’ve successfully executed the Docker commands from the baeldunguser userspace with appropriate privileges:

$ docker run -it ubuntu:latest /bin/bash
[email protected]:/#

4. Conclusion

In this tutorial, we’ve explored how to temporarily fix the Docker permission issues using the sudo command and permanently add the user to the appropriate group with required read-write permissions to daemon sock files.

Overall, by adhering to best deployment practices, users can avoid such common errors and ensure the smooth operation of their Docker environment.