Permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock

s.pinchuk · October 23, 2023, 11:02am

At present time I have a trouble with docker commands:

 docker ps
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied.

I tried to find how to fix this trouble, but all Issues for x86 didint help.
I tried to build in docker command:

 sudo docker build -t jetson-build:latest -f Jetson.Dockerfile .
ERROR: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

Logs:

journalctl -n 500 -xu docker.service
-- Logs begin at Fri 2023-10-20 17:03:31 CEST, end at Fri 2023-10-20 18:56:37 CEST. --
okt 20 17:03:36 nano systemd[1]: Starting Docker Application Container Engine...
-- Subject: Unit docker.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit docker.service has begun starting up.
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.548146923+02:00" level=info msg="Starting up"
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.579819788+02:00" level=info msg="detected 127.0.0.53 nameserver, assuming systemd-resolved, so using res
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.721113069+02:00" level=error msg="failed to mount overlay: no such device" storage-driver=overlay2
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.721297600+02:00" level=error msg="exec: \"fuse-overlayfs\": executable file not found in $PATH" storage-
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.725910777+02:00" level=info msg="Loading containers: start."
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.735372027+02:00" level=warning msg="Could not load necessary modules for Conntrack: Running modprobe nf_
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.823074111+02:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. 
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.843495100+02:00" level=info msg="Loading containers: done."
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.989614475+02:00" level=warning msg="WARNING: bridge-nf-call-iptables is disabled"
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.989675048+02:00" level=warning msg="WARNING: bridge-nf-call-ip6tables is disabled"
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.989729840+02:00" level=info msg="Docker daemon" commit=659604f graphdriver=vfs version=24.0.2
okt 20 17:03:37 nano dockerd[4502]: time="2023-10-20T17:03:37.990429475+02:00" level=info msg="Daemon has completed initialization"
okt 20 17:03:38 nano dockerd[4502]: time="2023-10-20T17:03:38.056409840+02:00" level=info msg="API listen on /run/docker.sock"
okt 20 17:03:38 nano systemd[1]: Started Docker Application Container Engine.
-- Subject: Unit docker.service has finished start-up
-- Defined-By: systemd

Also it doesnt support iptables:

sudo iptables -L -t nat
modprobe: FATAL: Module ip_tables not found in directory /lib/modules/4.9.337-tegra
iptables v1.6.1: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

Any other commands in docker doesnt work:

 sudo docker run -it --rm --runtime nvidia --network host -v $(pwd):/app/src -v /usr/local/cuda-10.2/:/usr/local/cuda-10.2/:ro -v /usr/lib/aarch64-linux-gnu/:/usr/lib/aarch64-linux-gnu -v /usr/include/aarch64-linux-gnu:/usr/include/aarch64-linux-gnu jetson-build bash
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See 'docker run --help'.

AastaLLL · October 24, 2023, 3:51am

Hi,

Based on the error, could you check if your docker daemon is running?

$ sudo systemctl start docker.service

Thanks.

s.pinchuk · October 24, 2023, 11:01am

Hi!
I can`t start docker service:

sudo systemctl start docker.service
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.


 systemctl status docker.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
  Drop-In: /etc/systemd/system/docker.service.d
           └─override.conf
   Active: failed (Result: exit-code) since Tue 2023-10-24 12:16:29 CEST; 29min ago
     Docs: https://docs.docker.com
  Process: 12023 ExecStart=/usr/bin/dockerd --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)
 Main PID: 12023 (code=exited, status=1/FAILURE)

okt 24 12:16:29 nano systemd[1]: docker.service: Service hold-off time over, scheduling restart.
okt 24 12:16:29 nano systemd[1]: docker.service: Scheduled restart job, restart counter is at 3.
okt 24 12:16:29 nano systemd[1]: Stopped Docker Application Container Engine.
okt 24 12:16:29 nano systemd[1]: docker.service: Start request repeated too quickly.
okt 24 12:16:29 nano systemd[1]: docker.service: Failed with result 'exit-code'.
okt 24 12:16:29 nano systemd[1]: Failed to start Docker Application Container Engine.

Which docker installed:

 docker version 
Client:
 Version:           20.10.21
 API version:       1.41
 Go version:        go1.18.1
 Git commit:        20.10.21-0ubuntu1~18.04.3
 Built:             Thu Apr 27 05:50:43 2023
 OS/Arch:           linux/arm64
 Context:           default
 Experimental:      true
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

journalctl -xe command:

 journalctl -xe
-- Support: http://www.ubuntu.com/support
-- 
-- Unit NetworkManager-dispatcher.service has begun starting up.
okt 24 12:57:11 nano dhclient[4639]: bound to 192.168.88.182 -- renewal in 276 seconds.
okt 24 12:57:11 nano dbus-daemon[3403]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
okt 24 12:57:11 nano systemd[1]: Started Network Manager Script Dispatcher Service.
-- Subject: Unit NetworkManager-dispatcher.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit NetworkManager-dispatcher.service has finished starting up.
-- 
-- The start-up result is RESULT.
okt 24 12:57:11 nano nm-dispatcher[12234]: req:1 'dhcp4-change' [eth0]: new request (1 scripts)
okt 24 12:57:11 nano nm-dispatcher[12234]: req:1 'dhcp4-change' [eth0]: start running ordered scripts...

s.pinchuk · October 24, 2023, 11:20am

 sudo dockerd
INFO[2023-10-24T13:19:25.541600082+02:00] Starting up                                  
INFO[2023-10-24T13:19:25.543030214+02:00] detected 127.0.0.53 nameserver, assuming systemd-resolved, so using resolv.conf: /run/systemd/resolve/resolv.conf 
INFO[2023-10-24T13:19:25.544242112+02:00] parsed scheme: "unix"                         module=grpc
INFO[2023-10-24T13:19:25.544288519+02:00] scheme "unix" not registered, fallback to default scheme  module=grpc
INFO[2023-10-24T13:19:25.544351437+02:00] ccResolverWrapper: sending update to cc: {[{unix:///run/containerd/containerd.sock  <nil> 0 <nil>}] <nil> <nil>}  module=grpc
INFO[2023-10-24T13:19:25.544386751+02:00] ClientConn switching balancer to "pick_first"  module=grpc
INFO[2023-10-24T13:19:25.546788359+02:00] parsed scheme: "unix"                         module=grpc
INFO[2023-10-24T13:19:25.546865757+02:00] scheme "unix" not registered, fallback to default scheme  module=grpc
INFO[2023-10-24T13:19:25.546944508+02:00] ccResolverWrapper: sending update to cc: {[{unix:///run/containerd/containerd.sock  <nil> 0 <nil>}] <nil> <nil>}  module=grpc
INFO[2023-10-24T13:19:25.546995759+02:00] ClientConn switching balancer to "pick_first"  module=grpc
WARN[2023-10-24T13:19:25.548693292+02:00] [graphdriver] WARNING: the devicemapper storage-driver is deprecated, and will be removed in a future release 
failed to start daemon: error initializing graphdriver: devicemapper: Error running deviceCreate (CreatePool) dm_task_run failed

AastaLLL · October 25, 2023, 6:50am

Hi,

Could you share below file with us?

/etc/docker/daemon.json

Thanks.

s.pinchuk · October 25, 2023, 8:53am

sudo cat /etc/docker/daemon.json
cat: /etc/docker/daemon.json: No such file or directory

ExecStart:

grep 'ExecStart' /lib/systemd/system/docker.service
ExecStart=/usr/bin/dockerd -H tcp://0.0.0.0:2375 --storage-driver=overlay2

AastaLLL · November 2, 2023, 5:48am

Hi,

Could you create one?

/etc/docker/daemon.json

{
    "runtimes": {
        "nvidia": {
            "path": "nvidia-container-runtime",
            "runtimeArgs": []
        }
    }
}

Thanks.

system · December 5, 2023, 5:30am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Docker: Cannot connect to the Docker daemon Jetson Nano docker	9	4081	October 15, 2021
Docker gives error after upgrading ubuntu Jetson AGX Orin docker	12	2568	March 15, 2024
Docker stopped working after jetpack update + ssd mount Jetson Xavier NX docker	4	1889	March 9, 2022
Docker on the TX2 Jetson TX2	37	31898	October 18, 2021
Docker not working Jetson Nano docker	10	685	December 20, 2023
Docker on TX1 (or TX2) Jetson TX1	25	11789	October 18, 2021
Deepops issue with rootless docker in slurm DGX User Forum ubuntu	4	851	August 10, 2022
Docker container runtime issue Jetson Nano docker	10	4451	October 15, 2021
Docker Engine Dependencies JetPack 5.1 Jetson Xavier NX docker	28	927	April 10, 2024
Cannot build docker container for deepstream-test3 DeepStream SDK	2	334	November 11, 2022

Permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock

Related topics