stackoom
  简体   繁体   中英

docker run hello-world still fails, permission denied

 原文  2016-09-18 12:18:58       linux/ docker/ debian

Question

I'm trying to run docker but it still fails. Here is what i get 

root@c1170137:~# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world

c04b14da8d14: Extracting    974 B/974 B
docker: failed to register layer: ApplyLayer exit status 1 stdout:  stderr: permission denied.
See 'docker run --help'.

kernel: 4.4.16-1-pve

i'm using debian jessie 

Distributor ID: Debian
Description:    Debian GNU/Linux 8.5 (jessie)
Release:        8.5
Codename:       jessie

Edit: daemon.log http://hastebin.com/qinufacuto.coffee

docker info 

root@c1177124:~# docker info
Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 1.12.1
Storage Driver: vfs
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: host bridge null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options:
Kernel Version: 4.4.16-1-pve
Operating System: Debian GNU/Linux 8 (jessie)
OSType: linux
Architecture: x86_64
CPUs: 32
Total Memory: 2 GiB
Name: c1177124
ID: 4YUJ:OL2E:WLJC:23WJ:5HRW:LRY3:QHKC:MKXO:JDWO:VWOQ:JMWN:V52W
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries:
 127.0.0.0/8

By the way, the problem could be caused by the kernel. Thank you for any idea or solution

4 answers

solution1
 7  2018-09-30 10:39:21

Use lxc.apparmor.profile: unconfined

Just put at the end of an /etc/pve/lxc/ID.conf file and restart your LXC container.

Using lxc.aa_profile: unconfined is deprecated as was renamed.

solution2
 2  2017-04-10 13:05:24

If you don't care about security or trust your docker containers:

  1. Edit the configuration file of your lxc container on the host in /etc/pve/lxc/ID.conf by adding lxc.aa_profile: unconfined at the end of the file.
  2. Remove apparmor: apt-get remove apparmor --purge

solution3
 0  2017-05-24 08:08:48

Iam Solved this problem with execute this command on Host :

lxc config set your-lxc-name security.nesting true

lxc config set your-lxc-name security.privileged true

solution4
 0  2019-07-12 21:27:56

I had the same error. In my case it was due to McAfee antivirus. I removed it and then pull successfully. McAffe was blocking the /etc/passwd folder and Docker could not pull images.

Here people had the same exact problem: https://github.com/moby/moby/issues/37817

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Docker on Linux: All actions (hello-world, pull image, etc) yield timeouts ICC (14.0) cannot even compile hello-world in Ubuntu 13.10? Error when I compile 'hello-world' example from Contiki Docker-compose: nginx fails to start due to “permission denied” error “Error response from daemon: Cannot start container … no such file or directory” on Oracle Linux running hello-world Docker "permission denied" in container Docker cloning - permission denied permission denied in docker entrypoint How to compile and run a hello world JUCE program? Gitpod to run a C hello world program
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM