Troubleshooting permission denied errors on an engine.
A common error message you may see when running integrations on engines is something like: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.35/images/json?t.
Determine if you are using a Docker group or Dockerroot group by running one of the following on the server engine:
ls -la /var/run/docker.sock
The output from this command will show what user/group is running docker.sock. For example:
srw-rw----. 1 root docker 0 Apr 12 20:32 /var/run/docker.sock
shows that it’s a Docker group and not Dockerroot.
cat /etc/group | grep docker
This command shows if you are running Docker or Dockerroot.
Note
Docker CE installations typically run Docker, while Docker EE installations typically run Dockerroot.
To fix a Docker user, run the following commands on the server engine:
sudo groupadd docker
sudo usermod -aG docker demisto
sudo systemctl restart docker
sudo systemctl restart d1
Note
If the Allow running multiple engines on the same machine option is selected, run the command:
sudo systemctl restart d1_<Engine _name>
To fix a Dockerroot user, run the following commands on the server engine:
sudo groupadd dockerroot
Set the dockerroot group in
/etc/docker/daemon.json
. For example: { "group": "dockerroot" }.sudo usermod -aG dockerroot demisto
sudo chcon -Rt svirt_sandbox_file_t /var/lib/demisto/temp
sudo systemctl restart docker
sudo systemctl restart d1
Note
If the Allow running multiple engines on the same machine option is selected, run the command:
sudo systemctl restart d1_<Engine _name>