Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock

问题 Gitlab-CI执行docker build命令时出现如下权限错误：

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.26/build?buildargs=%7B%7D&buildbinds=null&cachefrom=%5B%5D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&labels=%7B%7D&memory=0&memswap=0&networkmode=default&rm=1&shmsize=0&t=dockerhub.xtone.com%3A5000%2Fscms%2Fxt-finance-service%3A1.0&ulimits=null: dial unix /var/run/docker.sock: connect: permission denie

解决

服务器为Centos7.2 x64，并使用root账户直接yum安装docker，然后service docker start启动docker服务。Gitlab-CI默认以gitlab-runner用户执行，因此对/var/run/docker.sock无访问权限，无法与docker daemon通信。解决办法如下：

# 添加docker用户组和docker用户，并将用户添加到组中
groupadd -r docker
useradd -g docker -r docker -p 'password here'

# 然后将gitlab-runner添加到docker组中
usermod -aG docker gitlab-runner

# 最后将docker服务停止，切换到docker用户再重新启动服务，gitlab-runner用户就和docker用户组一样有rw权限
service docker stop
su docker
sudo service docker start