ERROR: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.26/volumes/create: dial unix /var/run/docker.sock: connect: permission denied
This is the relevant part of my docker-compose file:
I feel like this question is more appropriate in the docker-compose or docker support channel. “Why do I need privileged mode to mount the docker socket” is something they are more qualified to answer, since this is more of a docker issue than a drone issue.
Sorry I wish I could provide more help, but this is outside my area of expertise.
Thanks
Maybe asking RedHat would be appropriate to ask too, since they sometimes patch in security stuff, and I’ve not installed it from the Docker CE repo, but the default Fedora repo.
The reason is that centOs7 opens the SELinux security module by default. It needs to temporarily turn off the security module, or add the directory to the white list.
Temporary closure of selinux:su -c “setenforce 0”
Reopen selinux:su -c “setenforce 1”
Add the SELinux rule to add the directory you want to mount to the white list:
example:chcon -Rt svirt_sandbox_file_t /var/run/
The chcon command doesn’t seem to work for me, I get Operation not supported error returned:
# chcon -Rt svirt_sandbox_file_t /var/run/
chcon: failed to change context of ‘1182aef687ea’ to ‘system_u:object_r:svirt_sandbox_file_t:s0’: Operation not supported
chcon: failed to change context of ‘ca80c6fdfd32’ to ‘system_u:object_r:svirt_sandbox_file_t:s0’: Operation not supported
chcon: failed to change context of ‘347898ea28d6’ to ‘system_u:object_r:svirt_sandbox_file_t:s0’: Operation not supported
For anyone still stuck, I found a few more helpful links:
