Skip to content

How to Fix Docker Permission Denied Error

DodaTech Updated 2026-06-24 2 min read

In this tutorial, you'll learn about How to Fix Docker Permission Denied Error. We cover key concepts, practical examples, and best practices.

You run docker ps and get permission denied while trying to connect to the Docker daemon socket — your user lacks access to /var/run/docker.sock.

The Problem

docker: permission denied while trying to connect to the Docker daemon socket at
unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json":
dial unix /var/run/docker.sock: connect: permission denied

The Docker socket is owned by root:docker with permissions srw-rw----. Users not in the docker group cannot access it.

Step-by-Step Fix

Step 1: Check your group membership

groups $USER

If docker is not in the list, proceed.

Step 2: Add user to docker group

sudo usermod -aG docker $USER

Step 3: Refresh group membership

newgrp docker

Or log out and back in.

Step 4: Verify access

docker ps

Expected:

CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES

Step 5: Verify dockerd is running as the right user

ps aux | grep dockerd

The daemon should run as root. If it runs as a different user, the socket ownership may be wrong. Restart Docker with sudo systemctl restart docker.

Step 6: Alternative — fix socket permissions (temporary)

sudo chmod 666 /var/run/docker.sock

This is insecure and resets on daemon restart. Only use for quick debugging.

Step 7: Use rootless Docker as a permanent solution

Rootless Docker runs the daemon without root privileges:

dockerd-rootless-setuptool.sh install
export PATH=/usr/bin:$PATH
systemctl --user start docker

This eliminates permission issues entirely by running the daemon under your user namespace.

Prevention Tips

  • Add users to the docker group during onboarding
  • Never use chmod 777 on the socket
  • Use sudo for one-off commands if you cannot modify groups
  • On CI systems, ensure the runner user is in the docker group
  • Restart the session after group changes

Common Mistakes with permission denied

  1. Using foldl instead of foldl' causing stack overflow on large lists
  2. Forgetting deriving (Show, Eq) on custom data types needed for debugging
  3. Placing the wildcard pattern first in case expressions, making all subsequent patterns unreachable

These mistakes appear frequently in real-world DOCKER code. DodaTech's contributors have identified these patterns through analysis of open-source projects and production systems.

Practice Exercise

Write a pure function that safely divides two integers using Maybe, then test it with edge cases like division by zero and negative numbers.

This exercise reinforces the concepts covered in this guide. Try implementing it before checking online solutions.

FAQ

### Is adding a user to the docker group a security risk?

Yes. The docker group grants root-equivalent privileges because users can mount any host path or run privileged containers. Only add trusted users. For production, consider rootless Docker or sudo-based access.

Why does the permission error persist after adding the group?

Group changes take effect on new login sessions. Run newgrp docker or log out and back in. If using SSH, disconnect and reconnect.

Can I use Docker without sudo or group membership?

Yes, install Docker in rootless mode. Run dockerd-rootless-setuptool.sh install to set up a user-scoped Docker daemon that does not require root or group membership.

Built by the developers of DodaTech

Doda Browser, DodaZIP & Durga Antivirus Pro