Docker task permission denied


Docker task fails to run with the following appears in the build log:

command	08-Mar-2017 09:17:33	Substituting variable: ${} with /home/bamboo-home/xml-data/build-dir/PROJ-PLAN-JOB1
simple	08-Mar-2017 09:17:33	Starting task 'Build Image' of type 'com.atlassian.bamboo.plugins.bamboo-docker-plugin:task.docker.cli'
command	08-Mar-2017 09:17:33	Beginning to execute external process for build 'Driver API - DAPI Docker - Default Job #2 (PROJ-PLAN-JOB1-2)'\n ... running command line: \n/usr/bin/docker build --force-rm=true --tag=dapi-base /home/bamboo-home/xml-data/build-dir/PROJ-PLAN-JOB1\n ... in: /home/bamboo-home/xml-data/build-dir/PROJ-PLAN-JOB1\n ... using extra environment variables:...
error	08-Mar-2017 09:17:33	Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.26/build?buildargs=%7B%7D&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&forcerm=1&labels=%7B%7D&memory=0&memswap=0&networkmode=default&rm=1&shmsize=0&t=dapi-base&ulimits=null: dial unix /var/run/docker.sock: connect: permission denied
simple	08-Mar-2017 09:17:33	Failing task since return code of [/usr/bin/docker build --force-rm=true --tag=dapi-base /home/bamboo-home/xml-data/build-dir/PROJ-PLAN-JOB1] was 1 while expected 0
error	08-Mar-2017 09:17:33	Error occurred while running Task 'Build Image(2)' of type com.atlassian.bamboo.plugins.bamboo-docker-plugin:task.docker.cli.
error	08-Mar-2017 09:17:33	com.atlassian.bamboo.task.TaskException: Failed to execute task
error	08-Mar-2017 09:17:33		at com.atlassian.bamboo.plugins.docker.service.BuildService.execute(
error	08-Mar-2017 09:17:33		at com.atlassian.bamboo.plugins.docker.tasks.cli.DockerCliTask.execute(
error	08-Mar-2017 09:17:33		at com.atlassian.bamboo.task.TaskExecutorImpl.lambda$executeTasks$3(
error	08-Mar-2017 09:17:33		at com.atlassian.bamboo.task.TaskExecutorImpl.executeTaskWithPrePostActions(
error	08-Mar-2017 09:17:33		at com.atlassian.bamboo.task.TaskExecutorImpl.executeTasks(


If the agent where the build fails is:

  1. Local agent: the user running Bamboo server can’t access the docker engine, because it is lacking permissions to access the UNIX socket to communicate with the engine.
  2. Remote agent: the user running the remote agent can’t access the docker engine, because it is lacking permissions to access the UNIX socket to communicate with the engine.


  1. Add the user running Bamboo server or agent to the docker group 

    #if group "docker" doesn't exist
    sudo groupadd docker
    #add user to group "docker"
    sudo usermod -a -G docker $USER
  2. Restart the machine


If the adding the user running Bamboo server or agent to the docker group doesnt work . Please add -G bamboo to the docker daemon so the socket becomes owned by the bamboo user.

1) To do this, you will need to edit the Docker service configuration file, which is often located at /lib/systemd/system/docker.service or /etc/systemd/system/docker.service. Use a text editor to open the file:


sudo nano /lib/systemd/system/docker.service

2) Locate the ExecStart line in the file, which typically starts with ExecStart=/usr/bin/dockerd. Add the -G newgroup option to the ExecStart line. 


ExecStart=/usr/bin/dockerd -G bamboo -H fd://

3) Save the configuration file and exit the text editor.

Reload Systemd Configuration:

To apply the changes, you should reload the systemd configuration:


sudo systemctl daemon-reload

4) Restart Docker:

Finally, restart the Docker service to have the changes take effect:


sudo systemctl restart docker

Last modified on Nov 7, 2023

Was this helpful?

Provide feedback about this article
Powered by Confluence and Scroll Viewport.