Docker Daemon Socket Permission Denied

How to Fix "Permission Denied" When Connecting to the Docker Daemon Socket

If you’ve encountered the error message “permission denied while trying to connect to the Docker daemon socket at unix,” it means your user doesn't have the necessary permissions to interact with Docker resources. This issue is usually related to access rights for the Docker daemon socket file (/var/run/docker.sock). By default, the Docker daemon runs as the root user, and non-root users need specific permissions to interact with it.

In this article, we will walk you through the steps to resolve this issue and regain proper access to Docker.

Steps to Fix "Permission Denied" Error for Docker Daemon

1. Add Your User to the Docker Group

The most common solution is adding your user to the Docker group. This group has the necessary permissions to interact with Docker.

Step 1: Check if the Docker Group Exists
First, check if the Docker group already exists on your system. You can do this with the following command:

sudo groupadd docker

If the group already exists, this command will not cause any issues.

Step 2: Add Your User to the Docker Group
Next, add your user to the Docker group. Replace $USER with your actual username if necessary.

sudo usermod -aG docker $USER

The $USER variable refers to the currently logged-in user, but you can also manually replace it with a specific username, like john.

Step 3: Log Out and Log Back In
For the changes to take effect, log out of your session and then log back in. This step ensures that your user picks up the new group membership.

Step 4: Verify the User is in the Docker Group
After logging back in, you can verify that your user is now part of the Docker group by running the following command:

groups $USER

You should see docker listed among the groups for your user.

2. Check and Fix Docker Socket Permissions

The Docker socket file (/var/run/docker.sock) may not have the proper permissions set for your user. If needed, you can manually check and fix the permissions.

Step 1: Check the Permissions of the Docker Socket
Use the ls -l command to check the current permissions of the Docker socket:

ls -l /var/run/docker.sock

The output should look like this:

srw-rw---- 1 root docker 0 date time /var/run/docker.sock

In this example, the file has read and write permissions for both the root and docker groups.

Step 2: Modify the Permissions (if Necessary)
If the socket file doesn’t have the correct permissions, you can modify it using the following command:

sudo chmod 660 /var/run/docker.sock

This command ensures that the root and docker group have read and write access, while others are denied access.

3. Restart Docker Daemon

If you have made changes to group memberships or socket permissions, restarting the Docker daemon may be necessary to apply these changes.

sudo systemctl restart docker

This command will restart Docker and make sure your configuration changes take effect.

4. Verify Docker is Running

Ensure Docker is running on your system by using the following command:

sudo systemctl status docker

If Docker is not running, you can start it with:

sudo systemctl start docker

5. Test Docker Commands

After completing the above steps, test a Docker command without sudo to ensure the issue is resolved:

docker ps

If everything is working correctly, you should no longer see the "permission denied" error when running Docker commands.

6. Use sudo as a Temporary Workaround

If you're in a rush or don’t want to follow all the steps immediately, you can temporarily use sudo to run Docker commands as the root user:

sudo docker ps

However, it’s recommended to fix the permission issues to avoid needing sudo for every Docker command in the future.

7. Reboot Your System (Optional)

In some cases, if the changes still don’t take effect after logging out and back in, try rebooting your system:

sudo reboot

This ensures all configurations and group memberships are refreshed, which can sometimes resolve lingering permission issues.

---

Conclusion

Following the steps outlined above should help you fix the "permission denied" error when trying to connect to the Docker daemon socket. The key solutions are adding your user to the Docker group, checking and fixing socket permissions, and restarting the Docker service. While using sudo temporarily may be a quick fix, it’s best to address the root cause by updating your user permissions for a smoother Docker experience.

By correctly managing your user’s permissions and Docker configuration, you’ll avoid future issues with accessing Docker as a non-root user.