AI Diagnostic Summary

Docker: Permission Denied on /var/run/docker.sock

Well-Documented Error

This error matches known, documented patterns with reliable solutions.

Quick Fix (Most Common Solution)

Add your user to the docker group: sudo usermod -aG docker $USER
Apply the change by logging out and back in — or use newgrp docker for the current session

Seeing "permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock"? This error can be frustrating, but it's usually fixable. It typically affects your development workflow or system. Below you'll find clear, step-by-step solutions to resolve this issue.

High confidence

What This Error Means

The Docker daemon socket (/var/run/docker.sock) is owned by the docker group. Your user is not in that group, so the kernel rejects the connection attempt. Running 'sudo docker' works because root has access, but the proper fix is group membership.

Frequently documented in developer and vendor support forums.

Based on documented solutions and common real-world fixes.
Not affiliated with browser, OS, or device manufacturers.

New here? Learn why exact error messages matter →

Common Causes

Current user is not a member of the docker group
Docker group does not exist yet (fresh Docker installation)
Group membership change was made but the session has not been refreshed to pick it up

How to Fix

Add your user to the docker group: sudo usermod -aG docker $USER
Apply the change by logging out and back in — or use newgrp docker for the current session
Verify group membership was applied: groups $USER should include docker
Test docker runs without sudo: docker ps

Last reviewed: June 2026 How we review solutions

Didn't fix it? Get a personalised solution

Environment-Specific Commands

Linux — Add user to docker group

sudo usermod -aG docker $USER
newgrp docker
groups $USER
docker ps

WSL2 — Apply group change

sudo usermod -aG docker $USER
# Close the WSL2 terminal completely
# Open a new WSL2 terminal
docker ps

Quick Diagnostic Path

If groups output does not include 'docker' → Run: sudo usermod -aG docker $USER then log out and back in
If groups shows 'docker' but permission denied persists → Session still uses the old group list. Run: newgrp docker or open a new terminal.
If Fresh Docker install — 'docker group does not exist' → Run: sudo groupadd docker then sudo usermod -aG docker $USER

If This Still Fails, Check

CI/CD containers (Jenkins, GitLab Runner): bind-mount /var/run/docker.sock into the container and run as root, or use Docker-in-Docker (dind) mode
Rootless Docker mode: the socket path is different. Check the DOCKER_HOST environment variable — it will point to a user-level socket.
After Docker re-install: the docker group may be recreated but your user removed from it — re-run the usermod command and log out

Full fix: add to docker group and verify

# Add current user to docker group
sudo usermod -aG docker $USER

# Apply immediately in current session
newgrp docker

# Verify group membership
groups $USER
# Output must include: docker

# Verify docker works without sudo
docker ps
# Expected: table with CONTAINER ID, IMAGE, COMMAND columns

Version Notes

Docker Engine Versions and Permission Denied Var Run Docker Sock Behavioral Differences

Docker Engine version differences cause Permission Denied Var Run Docker Sock because core behaviors around networking, storage drivers, and BuildKit availability changed across major releases. Code that works on Docker 20.x may fail on Docker 24.x or vice versa. Check your Docker version with docker version — the output includes both client and server (daemon) versions, which may differ in remote environments. Docker Compose V2 (bundled as docker compose) replaced the standalone V1 (docker-compose) in 2023 and has subtle behavioral differences: the depends_on condition field, variable expansion in environment values, and profile behavior all changed. If your Compose file uses features from V2 but the environment has V1, commands may silently behave differently and produce Permission Denied Var Run Docker Sock. Pin the Docker Compose version in CI with docker compose version checks. For production deployments, test Docker Engine upgrades in staging first — storage driver migrations (overlay2, devicemapper) are not always automatic and can cause data access errors resembling Permission Denied Var Run Docker Sock.

Optional follow-up

Some users ask whether saving fixes for recurring errors would be useful when the same issue appears again.

Was this explanation helpful?

Explanations are based on documented fixes, real-world reports, and common system behavior. GetErrorHelp is independent and not affiliated with software vendors, device manufacturers, or service providers.

Frequently Asked Questions

Why does sudo docker work but docker does not?

sudo runs the command as root, which always has access to the docker socket. Without sudo, your user needs to be in the docker group to connect to /var/run/docker.sock.

Do I have to log out completely?

A full logout/login is the most reliable way to apply group changes. In the current terminal, 'newgrp docker' applies the change for that shell session only.

Is adding a user to the docker group safe?

Adding a user to the docker group is equivalent to granting root-level access, because Docker can mount the host filesystem. Only add trusted users on shared systems.

Related Resources

Also Known As

Docker container error
Docker build failure
Container runtime error
Docker daemon error

Common Search Variations

"docker container won't start"
"docker build error fix"
"docker image not found"
"container exited with error"
"docker daemon not responding"
"fix docker network error"

Related Errors

Still Stuck?

Paste a different error message or upload a screenshot to get help instantly.

Solutions are based on commonly documented fixes and may not apply in all situations.