Closed szaimen closed 1 year ago
@szaimen thanks for your report. I suspect this is the same as https://github.com/docker/for-mac/issues/6823 . Could you check
docker:cli
image which work and which don't? So far I've not found a combination of those which works with a non-root user. I'm not sure whether it's a change in Docker or in the docker:cli
image. Could you show me the ownership and permissions of the socket in a combination which works?@szaimen thanks for your report. I suspect this is the same as docker/for-mac#6823 .
Yes, this looks like the same issue.
- the ownership and permissions you're seeing on the /var/run/docker.sock inside the container
The ownership is fine. The socket is readable by the user. (see the output of ls -l in the second command above).
- the versions of both Docker Desktop and the
docker:cli
image which work and which don't? So far I've not found a combination of those which works with a non-root user. I'm not sure whether it's a change in Docker or in thedocker:cli
image. Could you show me the ownership and permissions of the socket in a combination which works?
It worked in my testing fine with Docker Desktop 4.18 in combination with the same docker:cli image docker:23.0.5-cli
. I would also give it another try but I am not sure how to get back to Docker Dekstop 4.18 now that I upgraded to 4.19.
I created another issue for this, but having a similar issue. Here are my notes on this.
Docker desktop version 4.19.0 broke my -v /var/run/docker.sock.raw /var/run/docker.sock. About 2 years ago, this solved my docker socket permission denied error (See below).... It was working fine up through version 4.18, but after the v4.19 upgrade, it broke again. Getting this error again. Had to revert back to version 4.18. Same issue on Windows and Mac versions.
""" Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.40/containers/json: dial unix /var/run/docker.sock: connect: permission denied """
Again, no issues until I went to docker desktop version 4.19 and its the same issue on MAC and WINDOWS. The docker.sock.raw was the only viable option for me to fix this.
NOTE REGARDING GOING BACK TO PRIOR DOCKER DESKTOP VERSION: At least on the MAC, to revert back to version 4.18, I just manually l downloaded it and reinstalled. It asked me to overlap my prior version and that worked. Did not loose any images, settings, etc.. Not sure on Windows, if you can do that, but you can try. If just reinstalling on top of existing version doesn't work, you have to uninstall 4.19 and reinstall 4.18 from scratch, but then you have to set up everything again and redo your docker images
I am running into the same issue on Windows.
Please prioritize this fix.
OMFG. Somebody in docker respond to this and help us...
how are you guys downgrading docker desktop on windows? installer just says installation up to date, and exits. if they are going to release alpha code in stable we need options to downgrade.
I use chocolatey to manage my installed software. It also allows you to easily downgrade docker desktop.
hi, can anyone confirm this is still an issue with the new release 4.20? I want to make sure before I upgrade docker desktop, as I already went through the downgrade process and nextcloud is happy running on 4.18
hi, can anyone confirm this is still an issue with the new release 4.20? I want to make sure before I upgrade docker desktop, as I already went through the downgrade process and nextcloud is happy running on 4.18
Yes still an issue with 4.20
Why is this still an issue in another release? Are the people at Docker even looking into this problem? This doesn't seem like a bug but an intentional change and they're not speaking up about it.
Here's a thought. For $5 a month someone could actually purchase official support for Docker Desktop through Docker themselves. I'm wondering if anyone is paying for this support and what would be the response to the problem then?
Adding my +1 one here. Glad I'm not alone.
hi, can anyone confirm this is still an issue with the new release 4.20? I want to make sure before I upgrade docker desktop, as I already went through the downgrade process and nextcloud is happy running on 4.18
could explain how to downgrade?
@djs55 Is this issue on the radar at Docker? This seems to be affecting a lot of folks.
@djs55 Is this issue on the radar at Docker? This seems to be affecting a lot of folks.
I just upgraded to version 4.20 and the problem still exists in this version. Reverted back to version 4.18. This is not acceptable and should be fixed. Are the folks that support docker even listening to us?
Still recommending ditching docker desktop for docker service running in wsl2.
Get Outlook for Androidhttps://aka.ms/AAb9ysg
From: Jeff @.> Sent: Monday, June 5, 2023 5:36:11 AM To: docker/for-win @.> Cc: FlattusBlastus @.>; Comment @.> Subject: Re: [docker/for-win] connecting to docker socket inside container with different user than root is broken after updating to 4.19 (Issue #13447)
@djs55https://github.com/djs55 Is this issue on the radar at Docker? This seems to be affecting a lot of folks.
I just upgraded to version 4.20 and the problem still exists in this version. Reverted back to version 4.18. This is not acceptable and should be fixed. Are the folks that support docker even listening to us?
— Reply to this email directly, view it on GitHubhttps://github.com/docker/for-win/issues/13447#issuecomment-1576705268, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ASVVEUHZ5HQQN4BYSSX6O4LXJXHDXANCNFSM6AAAAAAXRYLUUA. You are receiving this because you commented.Message ID: @.***>
hi, can anyone confirm this is still an issue with the new release 4.20? I want to make sure before I upgrade docker desktop, as I already went through the downgrade process and nextcloud is happy running on 4.18
could explain how to downgrade?
uninstall 4.20. Install 4.18 from here Be sure you do a backup before you uninstall. I personally used the local .tar image method to backup and restore.
Unfortunately this bug completely breaks nextcloud aio, and so far the only way i've found that actually fixes it is to downgrade to 4.18. I hope the devs fix this someday...
Still broken, and no replies from Docker. Who do we direct our issue to? This current issue is either being ignored or not noticed.
I hope this is fixed soon. I'm stuck on 4.18.
Thanks for reporting the issue and apologies for the delay in addressing it. We have identified the problem and will include a fix in the next Docker Desktop release.
Thanks for reporting the issue and apologies for the delay in addressing it. We have identified the problem and will include a fix in the next Docker Desktop release.
Any estimation as to when that will be? Few days, weeks or months?
Any estimation as to when that will be? Few days, weeks or months?
@jeffrozica It will hopefully be by the end of next week
We have released Docker desktop 4.21.1, containing a fix for this issue, please see https://docs.docker.com/desktop/release-notes/
We have released Docker desktop 4.21.1, containing a fix for this issue, please see https://docs.docker.com/desktop/release-notes/
Did you actually test this with a container that needs to log into the socket as non-root, like Nextcloud, because I don't want to be the guinea pig, and neither does anyone else. We received no information from Docker regarding this issue for two months. Not a single one of you came here to ease our concerns. Now, there is a magic fix, and you don't even describe what you did to fix it.
I'm sure you can forgive me for being completely untrusting of your organization now.
We have released Docker desktop 4.21.1, containing a fix for this issue, please see https://docs.docker.com/desktop/release-notes/
Did you actually test this with a container that needs to log into the socket as non-root, like Nextcloud, because I don't want to be the guinea pig, and neither does anyone else. We received no information from Docker regarding this issue for two months. Not a single one of you came here to ease our concerns. Now, there is a magic fix, and you don't even describe what you did to fix it.
I'm sure you can forgive me for being completely untrusting of your organization now.
Lol same, I ain't touching this update considering the history
I just tested 4.21.1 and in my situation it looks like the issue is fixed. The user with permissions on the docker socket in my container works.
I just tested 4.21.1 and in my situation it looks like the issue is fixed. The user with permissions on the docker socket in my container works.
That was awesome of you. What version of nextcloud did you test with? Thanks!
@nester43 I don't use nextcloud, this was an issue for me when running containers in Docker Desktop on Windows, but not anymore.
I'm new to Nextcloud and tried the AIO on Docker 4.19 on Windows, and the errors I got led me to this thread. I tried again today after updating to 4.21.1 and it seems to be working fine.
I'm new to Nextcloud and tried the AIO on Docker 4.19 on Windows, and the errors I got led me to this thread. I tried again today after updating to 4.21.1 and it seems to be working fine.
That's extremely encouraging and thank you for sharing. What version of Nextcloud are you running? I'm still nervous as restoring a backup on previous docker version would take a long time given we have a few TBs in Nextcloud.
I believe that I was running version 27. IIRC, the AIO had a default of 26 selected, but I opted for 27.
I'm new to Nextcloud and tried the AIO on Docker 4.19 on Windows, and the errors I got led me to this thread. I tried again today after updating to 4.21.1 and it seems to be working fine.我是Nextcloud的新手,尝试在Windows上使用Docker 4.19的AIO,但是我遇到了错误,所以来到了这个帖子。今天我更新到了4.21.1版本后再次尝试,看起来一切都正常。
That's extremely encouraging and thank you for sharing. What version of Nextcloud are you running? I'm still nervous as restoring a backup on previous docker version would take a long time given we have a few TBs in Nextcloud.非常鼓舞人心,谢谢您的分享。您正在运行哪个版本的Nextcloud?我仍然感到紧张,因为在以前的Docker版本上恢复备份需要很长时间,因为我们在Nextcloud中有几个TB。
我使用4.22.1成功部署AIO,并且可以使用 已无“Cannot connect to the docker socket. Cannot proceed.”错误
Actual behavior
After updating Docker Desktop on Windows to v4.19 when trying to connect to a bind-mounted tcp unix socket inside a container that runs as unprivileged (non-root user) process. Connecting to the socket as root user inside the container still works but it apparently broke due to the update because it worked also with the unprivileged user before the update.
Expected behavior
It should be possible to connect to the socket even as non-root user if read permissions are set correct.
Information
Output of
& "C:\Program Files\Docker\Docker\resources\com.docker.diagnose.exe" check
Steps to reproduce the behavior
Output
``` Client: Context: default Debug Mode: false Plugins: buildx: Docker Buildx (Docker Inc.) Version: v0.10.4 Path: /usr/local/libexec/docker/cli-plugins/docker-buildx compose: Docker Compose (Docker Inc.) Version: v2.17.3 Path: /usr/local/libexec/docker/cli-plugins/docker-compose Server: Containers: 2 Running: 2 Paused: 0 Stopped: 0 Images: 4 Server Version: 23.0.5 Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Using metacopy: false Native Overlay Diff: true userxattr: false Logging Driver: json-file Cgroup Driver: cgroupfs Cgroup Version: 1 Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: io.containerd.runc.v2 runc Default Runtime: runc Init Binary: docker-init containerd version: 2806fc1057397dbaeefbea0e4e17bddfbd388f38 runc version: v1.1.5-0-gf19387a init version: de40ad0 Security Options: seccomp Profile: builtin Kernel Version: 5.15.90.1-microsoft-standard-WSL2 Operating System: Docker Desktop OSType: linux Architecture: x86_64 CPUs: 8 Total Memory: 7.682GiB Name: docker-desktop ID: 98271cca-a380-4fa6-8246-56d88c255a12 Docker Root Dir: /var/lib/docker Debug Mode: false HTTP Proxy: http.docker.internal:3128 HTTPS Proxy: http.docker.internal:3128 No Proxy: hubproxy.docker.internal Registry: https://index.docker.io/v1/ Experimental: true Insecure Registries: hubproxy.docker.internal:5555 127.0.0.0/8 Live Restore Enabled: false WARNING: No blkio throttle.read_bps_device support WARNING: No blkio throttle.write_bps_device support WARNING: No blkio throttle.read_iops_device support WARNING: No blkio throttle.write_iops_device support ```Output
``` fetch https://dl-cdn.alpinelinux.org/alpine/v3.17/main/x86_64/APKINDEX.tar.gz fetch https://dl-cdn.alpinelinux.org/alpine/v3.17/community/x86_64/APKINDEX.tar.gz (1/3) Installing linux-pam (1.5.2-r1) (2/3) Installing shadow (4.13-r0) (3/3) Installing sudo (1.9.12_p2-r1) Executing busybox-1.35.0-r29.trigger OK: 17 MiB in 25 packages srwxr-xr-x 1 root root 0 May 1 12:49 /var/run/docker.sock Client: Context: default Debug Mode: false Plugins: buildx: Docker Buildx (Docker Inc.) Version: v0.10.4 Path: /usr/local/libexec/docker/cli-plugins/docker-buildx compose: Docker Compose (Docker Inc.) Version: v2.17.3 Path: /usr/local/libexec/docker/cli-plugins/docker-compose Server: ERROR: permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/info": dial unix /var/run/docker.sock: connect: permission denied errors pretty printing info ```