This error occurs when your user account doesn't have permission to access the Docker daemon. The Docker daemon runs as root, and by default, only root or users in the 'docker' group can connect to it.
The Docker CLI needs to communicate with the Docker daemon to run containers. This communication happens through a Unix socket at /var/run/docker.sock. By default, this socket is owned by root and the docker group. When you run Docker commands without sudo and your user isn't in the docker group, you get this permission denied error.
Run: getent group docker
If you see output like docker:x:999:, the group exists. If there's no output, you need to create it.
Run: sudo groupadd docker
This creates the docker group. Skip this step if the group already exists.
Run: sudo usermod -aG docker $USER
This adds your current user to the docker group. The -aG flags append the group without removing existing group memberships.
You need to log out and log back in for the group change to take effect. Alternatively, run: newgrp docker
This starts a new shell with the docker group active.
Run: docker run hello-world
If successful, you'll see a message from Docker confirming your installation is working.
Security consideration: Adding users to the docker group grants them root-equivalent privileges on the host. Any user who can run Docker commands can mount the host filesystem and access/modify any file. For production servers, consider using rootless Docker or Podman instead.
Alternative solutions:
- Use sudo for all Docker commands (secure but inconvenient)
- Configure rootless Docker: dockerd-rootless-setuptool.sh install
- Use Podman, which runs rootless by default
image operating system "linux" cannot be used on this platform
How to fix 'image operating system linux cannot be used on this platform' in Docker
manifest unknown: manifest unknown
How to fix 'manifest unknown' in Docker
cannot open '/etc/passwd': Permission denied
How to fix 'cannot open: Permission denied' in Docker
Error response from daemon: failed to create the ipvlan port
How to fix 'failed to create the ipvlan port' in Docker
toomanyrequests: Rate exceeded for anonymous users
How to fix 'Rate exceeded for anonymous users' in Docker Hub