Reputation: 835
Docker killing container "permission denied" due to AppArmor. Just why?
I am trying to kill containers I launched through docker-compose. Either by gracefully stopping (Ctrl+C) or by docker-compose down I encounter the following error:
ERROR: for <container-name> cannot stop container: b60c1c4d886899504b...2a022e4d39429dc6ca6e4784afdd: Cannot kill container b60c1c4d886899504b...2a022e4d39429dc6ca6e4784afdd: unknown error after kill: runc did not terminate sucessfully: container_linux.go:388: signaling init process caused "permission denied"
: unknown
I am just looking for the answer WHY. I am trying to understand AppArmor better but understanding WHY I can't stop the containers before everything would help to understand what's going on.
I see that this is an error many people come across. 1 2 3 4
However, most of the answers suggest workarounds and no solutions. Even the explanatory answers like 1 dive directly into AppArmor and profiles. From docker documentation I see docker has a default AppArmor policy docker-default. I partly understand the concept but still don't get WHY I can't stop the containers through the user and the environment I've started them in.
If I try to wrap my questions:
- I started some containers as a user, WHY can't I stop them.
sudodoes not work either. Who can stop them then? - Do I need an AppArmor profile for each container?
- I don't feel it's a good idea to restart AppArmor or disable it. Should I do that? What is the ideal solution?
Any feedback or explanations welcome. Thanks.
Upvotes: 5
Views: 4116
Answers (2)
Reputation: 11
I know this thread is old but since it's the first thing that pop in Google Search, I'll leave this here since this worked for me trying to update a docker container on Ubuntu 22.04, I had the same error (AppArmor)
sudo systemctl restart docker.socket docker.service
sudo docker-compose down
Cheers!
Upvotes: 1
Reputation: 835
I couldn't find the exact reason but came close. It seems there were conflicting docker installations on my Ubuntu 19.10 and this was causing this access control issue.
As stated here, I've removed the snap installation. As I already had another installation I didn't have to install it via another way.
sudo snap remove docker
Upvotes: 3
Related Questions
- How to stop running Container, if error response from daemon is: Cannot Kill Container [...] permission denied?
- Error response from daemon: Cannot kill container: permission denied, how to kill docker containers on Ubuntu 20.04?
- docker compose down fails due to "permission denied"
- Docker error response from daemon: Cannot kill container: bbfec3f85216: permission denied
- Docker container cannot start due to apparmor, why?
- docker on ubuntu 16.04 error when killing container
- unknown error after kill did not terminate sucessfully: signaling init process caused "permission denied"\n: unknown'
- Get apparmor working on docker container
- Unable to stop or remove a container in Docker, Permission denied is displayed
- Cannot reload or start AppArmor in Docker