You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Vagrant should execute the docker run command and display its output without errors.
Actual behavior
The docker run fails even though Docker has been set up properly by the docker provisioner:
...
==> default: Running provisioner: shell...
default: Running: inline script
default: Groups of vagrant
default: vagrant
default: docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.38/containers/create: dial unix /var/run/docker.sock: connect: permission denied.
default: See 'docker run --help'.
The SSH command responded with a non-zero exit status. Vagrant
assumes that this means the command failed. The output for this command
should be in the log above. Please read the output to determine what
went wrong.
This seems to be caused by Vagrant re-using the existing SSH connection and the way Linux behaves in general when adding groups to a user, in this case the docker group for the vagrant user. Newly added groups only affect new shells, existing shells will keep their list of user groups unchanged. Since Vagrant does not terminate the SSH connection after installing Docker and adding vagrant to the docker group, any subsequent SSH command won't have the docker group and won't have the permissions to access the Docker socket. On subsequent up a new SSH connection is set up which then has the updated list of user groups.
Steps to reproduce
Put the Vagrantfile somewhere
Run vagrant up
See the error and vagrant missing the docker group
Run vagrant up once more
See the error gone and now vagrant having the docker group
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
ghost
locked and limited conversation to collaborators
Mar 28, 2020
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Vagrant version
Vagrant 2.2.0
Host operating system
Guest operating system
Vagrantfile
Debug output
https://gist.github.com/mbrodala/49813f8feceb77c6a4cfa747f72e6697
Expected behavior
Vagrant should execute the
docker run
command and display its output without errors.Actual behavior
The
docker run
fails even though Docker has been set up properly by thedocker
provisioner:This seems to be caused by Vagrant re-using the existing SSH connection and the way Linux behaves in general when adding groups to a user, in this case the
docker
group for thevagrant
user. Newly added groups only affect new shells, existing shells will keep their list of user groups unchanged. Since Vagrant does not terminate the SSH connection after installing Docker and addingvagrant
to thedocker
group, any subsequent SSH command won't have thedocker
group and won't have the permissions to access the Docker socket. On subsequentup
a new SSH connection is set up which then has the updated list of user groups.Steps to reproduce
Vagrantfile
somewherevagrant up
vagrant
missing thedocker
groupvagrant up
once morevagrant
having thedocker
groupReferences
Initially discovered in leighmcculloch/vagrant-docker-compose#53
The text was updated successfully, but these errors were encountered: