Docker Community Forums

Share and learn in the Docker community.

Can not stop Docker Container: permission denied Error

Issue: Can not stop docker containers, whenever I try to stop containers I get the following Error message,

ERROR: for yattyadocker_web_1  cannot stop container: 1f04148910c5bac38983e6beb3f6da4c8be3f46ceeccdc8d7de0da9d2d76edd8: Cannot kill container 1f04148910c5bac38983e6beb3f6da4c8be3f46ceeccdc8d7de0da9d2d76edd8: rpc error: code = PermissionDenied desc = permission denied

OS Version/build: Ubuntu 16.04 | Docker Version 17.09.0-ce, build afdb6d4 | Docker Compose version 1.17.1, build 6d101fb
Steps to reproduce:

  1. Created a project with Dockerfile and docker-compose.yml. docker-compose.yml is of version 3.
  2. Images is built successfully with either docker build -t yattya_docker . or docker-compose up --build
  3. Containers boots up and runs successfully.
    4 .Try to stop docker compose with docker-compose down
1 Like

I also added a question on stack-overflow, if anyone can help https://stackoverflow.com/q/47223280/4933185

I’m experiencing the same issue.

Ubuntu 16.04
Docker version 17.09.0-ce, build afdb6d4
docker-compose version 1.8.0

Tried re-installing docker-ce with apt-get purge --auto-remove. No luck. Restarting docker service with sudo service docker restart works but stopping the service every time I have to use the docker-compose down command is not a fix.

So even when I create a container outside docker-compose and try to stop or kill it it results in the same error. Meaning I can not stop or kill any container.

Using docker inspect I found the PID the container was using. Killing this process as root using kill -9 did not work. Eventually I started consulting the docker service and found the line below in the results of the dmesg command:

[ 5602.621070] audit: type=1400 audit(1510837007.956:60): apparmor=“DENIED” operation=“signal” profile=“docker-default” pid=20728 comm=“docker-containe” requested_mask=“receive” denied_mask=“receive” signal=kill peer=“unconfined”

After using the below commands I was able to use docker-compose stop again.
sudo apt-get purge --auto-remove apparmor
sudo service docker restart
docker system prune --all --volumes

4 Likes

Worked for me. Found similar advice on stackoverflow: https://stackoverflow.com/questions/47223280/docker-containers-can-not-be-stopped-or-removed-permission-denied-error

1 Like

For anyone that does not wish to completely purge AppArmor.

Check status: sudo aa-status

Shutdown and prevent it from restarting: sudo systemctl disable apparmor.service --now
Unload AppArmor profiles: sudo service apparmor teardown
Check status: sudo aa-status

You should now be able to stop/kill containers.

24 Likes

u r so good! spent 1 hour on disabling the AppArmor

You are the best.Problem solved perfectly

perfect solution to the issue

Great… this helped me and saved my time…:slight_smile:

It works awesome. Thanks!

Works like a charm! I even created account, to reply that this answer is working. The day will come when we all be celebrating jsloan117’s Day every year! :smile:

Awesome, thanks @jsloan117 :+1:

Not sure what I just did, but it worked.

Thank you for providing these details.

Feel the love all these devs are sending you! You did an amazing thing! Thank you very much!

Excellent site. Plenty of helpful information here. I am sending it to some buddies ans additionally sharing in delicious.

jsloan117’s answer worked Great! Thank you!

Thank you!
Your solution still works – 2019-10-03
Docker CE-19.03.2 on Ubuntu 16.04