码上快乐

相关内容   简体   繁体

Cannot connect to the Docker daemon. Is the docker daemon running on this host?

本文转载自  查看原文  2017-12-09 20:00  2592    docker

普通用户访问已经运行的docker服务失败 原因是权限不足

from:http://www.cnblogs.com/rexzhao/p/5048004.html

Cannot connect to the Docker daemon. Is the docker daemon running on this host?

$ ls -l /var/run/docker.sock
srw-rw---- 1 root docker 0 Nov 27 05:56 /var/run/docker.sock
$ chmod 666 /var/run/docker.sock
就是修改高于660的权限即可

Docker Daemon Configuration Files

This section covers Docker related files and directory permissions and ownership. Keeping the files and directories, that may contain sensitive parameters, secure is important for correct and secure functioning of Docker daemon.

Verify that docker.socket file ownership is set to root:root

If you are using Docker on a machine that uses systemd to manage services, then verify that the ‘docker.service’ file ownership and group-ownership is correctly set to ‘root’.So that when the account is switched to test user he is not able to access the docker daemon as he is not authorized to do so by root account.

$ stat -c %U:%G /usr/lib/docker | grep -v root:root
$ stat -c %U:%G /usr/lib/docker | grep root:root
root:root

If the permission is not set to root:root then it can be changed by using the following command;

$ chown root:root /usr/lib/systemd/system/docker.service
$ su test
$ docker ps
Cannot connect to the Docker daemon. Is the docker daemon running on this host?
test@ubuntu:/etc/init.d$

Verify that docker.socket file permissions are set to 644 or more restrictive 660

If you are using Docker on a machine that uses systemd to manage services, then verify that the ‘docker.service’ file permissions are correctly set to ‘644’ or more restrictive.

As it can be seen below if we allocate 666 as the permission then the “test” user will be also be available to access the Docker daemon;

$ ls -l /var/run/docker.sock
srw-rw---- 1 root docker 0 Nov 27 05:56 /var/run/docker.sock
$ chmod 666 /var/run/docker.sock
$ su test
test@ubuntu:/etc/init.d$ docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
test@ubuntu:/etc/init.d$

As soon as we change the permission to 660 we will be able to see that the “test” user is not able to access the docker daemon.

$ chmod 660 /var/run/docker.sock
$ su test
test@ubuntu:/etc/init.d$ docker ps
Cannot connect to the Docker daemon. Is the docker daemon running on this host?
test@ubuntu:/etc/init.d$ exit
exit


免责声明!

本站转载的文章为个人学习借鉴使用,本站对版权不负任何法律责任。如果侵犯了您的隐私权益,请联系本站邮箱yoyou2525@163.com删除。



猜您在找 Cannot connect to the Docker daemon. Is the docker daemon running on this host? Cannot connect to the Docker daemon. Is 'docker daemon' running on this host? Cannot connect to the Docker daemon. Is the docker daemon running on this host? failed to dial gRPC: cannot connect to the Docker daemon. Is 'docker daemon' running on this host?: dial unix /var/run/docker.sock: connect: permission denied docker安装后出现Cannot connect to the Docker daemon. WSL Docker : Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? docker安装报错Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? docker 报错 : Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? docker出现如下错误:Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? docker search mysql Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
 
粤ICP备18138465号  © 2018-2025 CODEPRJ.COM