Joyce Zhang · Sep 24, 2018

Failed to run a Docker container

I followed the First Look instructions and tried to run a Docker container with the below command:

> docker run --name iris --detach --publish 52773:52773 --volume /Users/docker:/external --env ICM_SENTINEL_DIR=/external iris:latest --key /external/iris.key --before "/usr/irissys/dev/Cloud/ICM/ /external/password.txt"

It returned with a container ID and an error message:

docker: Error response from daemon: OCI runtime create failed: container_linux.go:348: starting container process caused "exec: \"/iris-main\": permission denied": unknown.

"docker ps -a" shows that the status of this container is "Created", not "Up". How can I resolve this "permission denied" issue?

0 1,413
Discussion (4)3
Log in or sign up to continue

Joyce, can you confirm the Docker version and the OS you are running on?

Is the user issuing the docker run command a member of the docker group at operating system level?

Thanks!  Erik

Hi Erik, the Docker version is 18.06.1-ce and I'm on macOS 10.13.4. How can I check if I'm a member of the docker group? "id -nG" gives me a list and "everyone" is in the list. I also tried the "docker run" command with "sudo" but didn't work either.

Hi Stefano,

I was trying to run an unreleased 2019.1 docker image. I followed your suggestion but it still doesn't work. Then I tried with a 2018.1.2 docker image and it worked. I will contact support internally.


Hi Joyce,

I just tested the documentation steps on my Mac just to confirm that they would work correctly with the current Docker release, and it seems IO got everything going through correctly.

The "permission denied"  error suggests some kind of permission issue, and looking at your "docker run" command I have a strong suspicion that the problem may be coming from the --volume /Users/docker:/external mapping, as anything under "Users" is handled quite strictly by MacOS (and correctly so I would add:-)

Try your test by using a different path for your storage volume.. This is an example of what I ended up running with for my current test run (I used a /Temp/durable/ directory to store my key and password file):
docker run --name iris \
> --detach \
> --publish 52773:52773 \
> --volume /Temp/durable/:/external \
> --env ICM_SENTINEL_DIR=/external \
> acme/iris:stable \
> --key /external/iris.key \
> --before "/usr/irissys/dev/Cloud/ICM/ /external/password.txt"

docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                      NAMES
b23d2d4c8b1d        acme/iris:stable    "/iris-main --key /e…"   9 minutes ago       Up 9 minutes>52773/tcp   iris

Let us know if the /Users/docker path was indeed the cause of your issue.