This daemon-level error occurs when Docker cannot write to its storage backend, typically due to Snap installation restrictions, disk space exhaustion, hardware failures, or storage driver issues. The daemon itself fails operations rather than individual containers.
The "Error response from daemon: Read-only file system" error is a daemon-level failure in Docker. Unlike container-level read-only errors, this indicates the Docker daemon itself cannot perform write operations to its storage location (usually /var/lib/docker). This error originates from the Docker daemon's storage backend and affects all Docker operations including: - Pulling images - Creating containers - Writing build cache and metadata - Managing volumes and networks When the daemon reports this error, it means the underlying storage layer has become unavailable for writes. This is fundamentally different from a container's filesystem being read-only - the daemon's core functionality is impaired. Common scenarios that trigger this daemon error: 1. Docker installed via Snap on Ubuntu (sandbox restrictions) 2. Host disk space exhaustion causing kernel filesystem protection 3. Hardware failure triggering automatic read-only remount 4. Docker Desktop VM corruption 5. Storage driver initialization failures
The most common cause of this daemon error on Ubuntu is Docker installed via Snap, which sandboxes filesystem access:
# Check Docker installation location
which docker
# Snap installation shows: /snap/bin/docker
# Confirm Snap installation
snap list | grep dockerIf Docker is a Snap package, the daemon cannot write to standard paths. The permanent fix is reinstalling from the official Docker repository:
# Remove Snap Docker
sudo snap remove docker
# Clean up any leftover data
sudo rm -rf /var/snap/docker
# Install Docker from official repository
# Add Docker's official GPG key
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# Install Docker
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-pluginWhen disk space is exhausted, the Linux kernel remounts the filesystem as read-only to protect data integrity:
# Check overall disk space
df -h
# Check Docker-specific storage usage
docker system df
# Check the Docker data directory specifically
df -h /var/lib/docker
du -sh /var/lib/docker/* 2>/dev/nullIf disk usage is above 90%, free up space immediately:
# Remove all stopped containers, unused networks, dangling images, and build cache
docker system prune -a -f
# Additionally remove unused volumes (WARNING: may delete data)
docker system prune -a --volumes -f
# Check space recovered
df -h /var/lib/dockerAfter freeing space, you may need to remount the filesystem and restart Docker:
# Attempt to remount as read-write
sudo mount -o remount,rw /
# Restart Docker daemon
sudo systemctl restart dockerPersistent read-only remounts often indicate hardware failure. Check system logs immediately:
# Check kernel messages for filesystem/hardware errors
dmesg | grep -iE "read.only|ext4.fs error|xfs.fs|I/O error|aborting journal|remounting.*ro"
# Check for recent errors
journalctl -k --since "1 hour ago" | grep -iE "error|readonly|read-only"Warning signs of hardware failure:
- "EXT4-fs error" or "XFS error" messages
- "I/O error" on a block device
- "Aborting journal" messages
- "Remounting filesystem read-only"
If you see these errors:
1. Immediately backup important data
2. Check disk health:
# Check SMART status (install smartmontools if needed)
sudo smartctl -a /dev/sda
# Check for bad blocks (non-destructive read test)
sudo badblocks -v /dev/sda3. Consider replacing the storage device before it fails completely
On Docker Desktop, the underlying VM can become corrupted, causing daemon read-only errors:
Quick fix - Restart Docker Desktop:
1. Click Docker icon in system tray/menu bar
2. Select "Restart"
3. Wait for Docker to fully restart
If restart doesn't work - Reset Docker Desktop:
Windows:
# Close Docker Desktop completely
Stop-Process -Name "Docker Desktop" -Force -ErrorAction SilentlyContinue
# Delete Docker settings and VM data
Remove-Item "$env:APPDATA\Docker" -Recurse -Force
# Restart Docker Desktop from Start MenumacOS:
# Quit Docker Desktop
osascript -e 'quit app "Docker"'
# Remove Docker Desktop data (WARNING: removes containers and images)
rm -rf ~/Library/Containers/com.docker.docker
rm -rf ~/Library/Group\ Containers/group.com.docker
rm -rf ~/.docker
# Restart Docker Desktop
open -a DockerColima users (macOS alternative):
# Delete and recreate Colima VM
colima delete
brew upgrade colima
colima startIncorrect permissions on the Docker data directory can cause daemon write failures:
# Check Docker data directory permissions
ls -la /var/lib/docker
# The directory should be owned by root:root with mode 711
# Expected output: drwx--x--x root root /var/lib/dockerIf permissions are incorrect:
# Fix ownership
sudo chown -R root:root /var/lib/docker
# Fix directory permissions
sudo chmod 711 /var/lib/docker
# Restart Docker
sudo systemctl restart dockerIf using rootless Docker, check user-specific paths:
# Rootless Docker stores data in user's home
ls -la ~/.local/share/docker
# Ensure the user owns the directory
chown -R $(id -u):$(id -g) ~/.local/share/dockerStorage driver issues can cause persistent read-only errors. Resetting Docker storage may resolve the issue:
WARNING: This removes all images, containers, and volumes
# Stop Docker daemon
sudo systemctl stop docker
# Backup any important volume data first
# sudo cp -r /var/lib/docker/volumes /backup/docker-volumes
# Remove Docker data directory
sudo rm -rf /var/lib/docker
# Recreate the directory
sudo mkdir /var/lib/docker
sudo chmod 711 /var/lib/docker
# Start Docker - it will reinitialize storage
sudo systemctl start docker
# Verify Docker is working
docker info | grep "Storage Driver"
docker run --rm hello-worldIf you need to change the storage driver:
# Edit or create daemon configuration
sudo nano /etc/docker/daemon.jsonAdd or modify:
{
"storage-driver": "overlay2"
}Then restart Docker:
sudo systemctl restart dockerIf Docker's data directory is on a separate mount, verify it's mounted correctly:
# Check current mount status
mount | grep docker
mount | grep "$(df /var/lib/docker | tail -1 | awk '{print $1}')"
# Look for "ro" (read-only) in the mount optionsIf the mount shows as read-only:
# Attempt to remount as read-write
sudo mount -o remount,rw /var/lib/docker
# Or if Docker data is on the root filesystem
sudo mount -o remount,rw /For NFS or network-mounted Docker storage:
# Check NFS mount status
showmount -e your-nfs-server
# Remount NFS with read-write
sudo umount /var/lib/docker
sudo mount -t nfs -o rw your-nfs-server:/docker /var/lib/dockerImportant: Network-mounted Docker storage is not recommended for production. Consider using local storage with volume drivers for persistent data.
After applying fixes, restart Docker and verify the daemon is working:
# Restart Docker daemon
sudo systemctl restart docker
# Check daemon status
sudo systemctl status docker
# Verify Docker info shows no errors
docker info
# Test write operations
docker pull alpine:latest
docker run --rm alpine echo "Docker daemon write test passed"
# Test build capability
echo "FROM alpine" | docker build -t test-build -
docker rmi test-buildIf issues persist, check Docker daemon logs:
# View live Docker daemon logs
sudo journalctl -u docker -f
# Check for specific error patterns
sudo journalctl -u docker --since "10 minutes ago" | grep -i "read.only\|error\|failed"On Docker Desktop, access logs via:
- Settings > Troubleshoot > View logs
Understanding daemon vs container read-only errors:
The "Error response from daemon" prefix is critical - it indicates the Docker daemon process itself cannot write, not a container filesystem issue. Container-level read-only errors appear when running commands inside containers, while daemon errors prevent Docker operations entirely.
Snap Docker sandboxing details:
Ubuntu's Snap packages use AppArmor confinement. The Docker Snap can only write to:
- /home (user directories)
- /var/snap/docker/common
- /var/snap/docker/current
The Snap version also lacks access to certain kernel features, making it unsuitable for production use. Always prefer the official Docker repository installation.
Filesystem journaling and read-only behavior:
Modern filesystems (ext4, XFS) use journaling to protect data integrity. When I/O errors occur, the journal can become corrupted. The kernel responds by remounting read-only to prevent further damage. Key indicators in dmesg:
- EXT4-fs error: journal has been aborted
- Remounting filesystem read-only
This is protective behavior - do not force read-write without investigating the cause.
Docker BuildKit metadata errors:
BuildKit stores metadata in /var/lib/docker/buildkit/metadata_v2.db. If you see errors specifically mentioning this file, the buildkit cache may be corrupted:
# Clear BuildKit cache
docker builder prune -af
# If that fails, remove BuildKit data directly
sudo rm -rf /var/lib/docker/buildkit
sudo systemctl restart dockerVM-based Docker (Desktop, Colima, Lima):
When using Docker in a VM, the read-only error might originate from the VM's virtual disk rather than the host. These VMs create disk images that can become corrupted. The solution is often to delete and recreate the VM rather than attempting repairs.
Checking Docker data-root:
Docker's data directory can be customized. Verify the actual location:
docker info | grep "Docker Root Dir"Ensure this path has adequate space and proper mount options.
unable to configure the Docker daemon with file /etc/docker/daemon.json
How to fix 'unable to configure the Docker daemon with file daemon.json' in Docker
docker: Error response from daemon: OCI runtime create failed: container_linux.go: starting container process caused: exec: "/docker-entrypoint.sh": stat /docker-entrypoint.sh: no such file or directory
How to fix 'exec: entrypoint.sh: no such file or directory' in Docker
image operating system "linux" cannot be used on this platform
How to fix 'image operating system linux cannot be used on this platform' in Docker
dockerfile parse error line 5: unknown instruction: RRUN
How to fix 'unknown instruction' Dockerfile parse error in Docker
manifest unknown: manifest unknown
How to fix 'manifest unknown' in Docker