Troubleshoot Permission Denied - Administrator Guide - 6.10 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.10
Creation date
2022-10-13
Last date published
2024-06-05
End_of_Life
EoL
Category
Administrator Guide
Abstract

Troubleshoot permission denied error for an engine.

A common error message you may see when running integrations on engines is: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.35/images/json?t.

  1. Determine if you are using a Docker group or Dockerroot group by running one of the following on the server engine:

    • ls -la /var/run/docker.sock

      The output from this command will show what user/group is running docker.sock. For example:

      srw-rw----. 1 root docker 0 Apr 12 20:32 /var/run/docker.sock

      shows that it’s a Docker group and not Dockerroot.

    • cat /etc/group | grep docker

      This command shows if you are running Docker or Dockerroot.

    Note

    Docker CE installations typically run Docker, while Docker EE installations typically run Dockerroot.

  2. To fix a Docker user, run the following commands on the server engine:

    1. sudo groupadd docker

    2. sudo usermod -aG docker demisto

    3. sudo systemctl restart docker

    4. sudo systemctl restart d1

  3. To fix a Dockerroot user, run the following commands on the server engine:

    1. sudo groupadd dockerroot

    2. Set the dockerroot group in /etc/docker/daemon.json. For example: { "group": "dockerroot" }.

    3. sudo usermod -aG dockerroot demisto

    4. sudo chcon -Rt svirt_sandbox_file_t /var/lib/demisto/temp

    5. sudo systemctl restart docker

    6. sudo systemctl restart d1