# -- osx --
$ /Applications/Docker.app/Contents/MacOS/com.docker.diagnose
# create and upload the diagnostics id
$ /Applications/Docker.app/Contents/MacOS/com.docker.diagnose gather -upload
# self diagnose
$ /Applications/Docker.app/Contents/MacOS/com.docker.diagnose check
# check log
$ pred='process matches ".*(ocker|vpnkit).*" || (process in {"taskgated-helper", "launchservicesd", "kernel"} && eventMessage contains[c] "docker")'
$ /usr/bin/log stream --style syslog --level=debug --color=always --predicate "$pred"
# -- linux --
$ /opt/docker-desktop/bin/com.docker.diagnose
# create and upload the diagnostics id
$ /opt/docker-desktop/bin/com.docker.diagnose gather -upload
# self diagnose
$ /opt/docker-desktop/bin/com.docker.diagnose check
# check log
$ journalctl --user --unit=docker-desktop
# -- windows --
> C:\Program Files\Docker\Docker\resources\com.docker.diagnose.exe
# create and upload the diagnostics id
> & "C:\Program Files\Docker\Docker\resources\com.docker.diagnose.exe" gather -upload
> Expand-Archive -LiteralPath "%TEMP%\5DE9978A-3848-429E-8776-950FC869186F\20230607101602.zip" -DestinationPath "%TEMP%\5DE9978A-3848-429E-8776-950FC869186F\20230607101602"
# self diagnose
> & "C:\Program Files\Docker\Docker\resources\com.docker.diagnose.exe" check
# check log
> code $Env:LOCALAPPDATA\Docker\log
permission denied while trying to connect to the Docker daemon socket
[!NOTE|label:see also:]
issue shows even if the account exists in docker group
# account already been added in `docker` group
$ id marslo
uid=1100(marslo) gid=1100(marslo) groups=1100(marslo),994(docker)
$ docker ps
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.44/containers/json": dial unix /var/run/docker.sock: connect: permission denied
# group info
$ getent group docker
docker:x:994:devops,marslo
$ getent group 994
docker:x:994:devops,marslo
# remote
$ sudo gpasswd -d marslo docker
Removing user marslo from group docker
$ id marslo
uid=1100(marslo) gid=1100(marslo) groups=1100(marslo)
# re-added
$ sudo usermod -aG docker marslo
$ id marslo
uid=1100(marslo) gid=1100(marslo) groups=1100(marslo),994(docker)
$ docker ps
permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.44/containers/json": dial unix /var/run/docker.sock: connect: permission denied
root cause
# docker group-id was 990, and it was changed to 994; but the `/var/run/docker.sock` wasn't been changed
$ ls -asltrh /var/run/docker.sock
0 srw-rw---- 1 root redwillow 0 Mar 7 15:27 /var/run/docker.sock
solution
$ sudo chown -R root:docker /var/run/docker.sock
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
# to change all after GID changed
$ find / -gid OLD_GID ! -type l -exec chgrp NEW_GID {} \;