Permission denied when connect to Remote Docker - docker

What I did to setup:
I can ssh to the remote machine without password.
I already added user to docker group sudo usermod -aG docker ${USER}, and I can run docker run hello-word without sudo on both host and local machine.
I already did ssh-add on my local machine. ssh-add -l shows 2048 SHA256:asdasdas ... (RSA).
I already tried restarting docker sudo service docker start.
But when I run the command:
docker -H ssh://host_user#host_ip:host_port ps
I still get the permission error:
error during connect: Get "http://docker.example.com/v1.24/containers/json": fork/exec /usr/bin/ssh: permission denied

Oh, so it turns out that because I install Docker with Snap.
Uninstall sudo snap remove docker, and then install it again with
sudo apt-get install docker-ce docker-ce-cli containerd.io
solve the problem.

Related

Installing portainner on ubunto server permission denied

So I just installed docker and installed home assistant on docker everything is working but now I want to install PORTAINER starting with this command
docker volume create portainer_data
**And when I press enter it gives me this message get permission denied while trying to connect to the docker daemon socket at unt x:///ver/run/docker and at last it says connect: permission denied
**
What should I do ? Iam new to ubunto and have no experience
I don't know what to do
Try this
sudo groupadd docker
and
sudo usermod -aG docker ${USER}
Also check all docker group users
grep /etc/group -e "docker"

Docker Rancher - Permission Denied when using docker from WSL

I have installed Docker Rancher on Windows 10 with dockerd option and WSL on true for my current WSL distribution (Ubuntu).
When i try to use docker in WSL2, I had the following error:
fpapi#xxx:~$ docker ps
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied
The command works fine in the cmd shell.
Which kind of permission I'm missing?
The issue is that Docker Rancher installer do not create the docker group.
Use the following commands:
sudo addgroup --system docker
sudo adduser $USER docker
newgrp docker
# And something needs to be done so $USER always runs in group `docker` on the `Ubuntu` WSL
sudo chown root:docker /var/run/docker.sock
sudo chmod g+w /var/run/docker.sock
thanks to https://github.com/rancher-sandbox/rancher-desktop/issues/1156#issuecomment-1017042882

Problems starting docker instance

Not sure this is a docker problem specifically but this is how it goes: I tried sudo docker stop 7f8c9285465c which resulted in
Error response from daemon: cannot stop container: 7f8c9285465c: Cannot kill container...unknown error after kill: runc did not terminate sucessfully: container_linux.go:392: signaling init process caused "permission denied"
Following this stackoverflow suggestion I did sudo aa-remove-unknown. Now the docker stop succeeded but subsequent docker-compose up resulted in:
snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks.
Next I ran the command sudo apt purge snapd snap-confine && sudo apt install -y snapd. Now running docker-compose up results in
bash: /snap/bin/docker-compose: No such file or directory.
The command sudo docker container ls results in:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
sudo service docker status returns Active: active (running).
I tried reinstalling docker. running sudo docker run hello-world retunrs the same Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? (although status is active)
.
Create file /etc/systemd/network/bridge.network with contents:
[Network]
IPFoward=kernel
If no permissions to save do so in root mode (sudo su -).
Then, run:
sudo systemctl restart systemd-networkd.service # (disconnected network)
sudo apt remove docker-ce # If you hadn't done so before
sudo apt install docker-ce # Should start docker.service
sudo systemctl status docker.service # Verify docker.service is running
This information has been taken from this docker forum discussion.
I think you installed docker with snap and installation of snapd is not complete "snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks.
" this error indicates that "apparmor" service is not enabled.
sudo systemctl enable --now apparmor
sudo systemctl status apparmor
If apparmor is not installed install it:
sudo apt-get install apparmor
this error "bash: /snap/bin/docker-compose" indicates that "/snap/bin" is not in your PATH. if you run this snap --version you might get an error saying "/snap/bin" is not in PATH.
sudo nano /etc/environment
Add "/snap/bin"
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games:/snap/bin
Now you need to restart your system. Everything should be fixed.

Having Trouble Downloading Hyperledger fabric docker images

Background: I just downloaded docker, docker-compose, node.js,npm, and the hyperledger samples from the offical documentation. However, when I downloaded the hyperledger sample networks,everything seemed to be going fine until the script tried pulling the Hyperledger fabric docker images. This is the error message:
===> Pulling fabric Images
====> hyperledger/fabric-peer:2.1.0
Got permission denied while trying to connect to the Docker daemon socket at unix:///var
/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.40/images
/create?fromImage=hyperledger%2Ffabric-peer&tag=2.1.0: dial unix /var/run/docker.sock:
connect: permission denied
NOTE: I am using ubuntu 18.04.4
I'm guessing: either the Docker service is not running, or your user does not have permission to access the Docker service (more likely).
Running your command as sudo is one way to fix it. Or have a look at this question: How can I use docker without sudo? (but be careful about the security trade-offs!)
add sudo to the command while you are pulling your docker images using curl.
sudo curl -sSL fabric-binaries-link | bash -s
A temporary solution would be to change the permission of docker.sock file
Go the terminal and type the following and press enter.
sudo chmod 775 //var/run/docker.sock
However, it is not advised to use the root user for installing software for fabric. Instead, you can do the following:
Create a new user
sudo adduser bibek
Add our user to the sudo group.
sudo usermod -aG sudo bibek
Switch to new user
su - bibek
Then you can install all docker and docker-compose
sudo apt-get install docker.io docker-compose
Start and enable docker
sudo usermod -a -G docker $USER
sudo systemctl start docker
sudo systemctl enable docker
You can check if the installation worked by running:
docker run hello-world
Cheers!

Inside tmux, docker commands won't work without sudo

I am trying to run docker without sudo on ubuntu 16.04.
I followed the Linux post-installation instructions on the docker website:
sudo groupadd docker
sudo usermod -aG docker $USER
I rebooted and then ran
docker ps
this error still appears:
Got permission denied while trying to connect to the Docker daemon
socket at unix:///var/run/docker.sock: Get
http://%2Fvar%2Frun%2Fdocker.sock/v1.37/containers/json: dial unix
/var/run/docker.sock: connect: permission denied
the weird thing is if i ssh from my machine to itself the command is executed correctly.
when i run the command from tty it also works correctly.
edit:
output of ls -lah /var/run/docker.sock:
srw-rw---- 1 root docker 0 Aug 9 11:22 /var/run/docker.sock
output of id:
uid=1000(uname) gid=1000(uname) groups=1000(uname),4(adm),24(cdrom),27(sudo),29(audio),30(dip),46(plugdev),113(lpadmin),128(sambashare),999(docker)
what could have gone wrong?
thanks for the help!
So apparently the problem was the tmux shell.
The problem occurs when an account is added to the docker group, while still having at least one tmux session open. closing all tmux sessions solves the problem [the group accounts will now be updated in the next session].
solution:
kill tmux:
pkill -f tmux
open tmux and test docker:
docker run hello-world
now it works fine
If you initially ran Docker CLI commands using sudo before adding your user to the docker group you may get this error the you need to remove the ~/.docker/ directory (it is recreated automatically, but any custom settings are lost), or change its ownership and permissions using the following commands:
$ sudo chown "$USER":"$USER" /home/"$USER"/.docker -R
$ sudo chmod g+rwx "/home/$USER/.docker" -R

Resources