docker
config_error
ai_generated
true
Error response from daemon: error while mounting volume '/host/path': permission denied
ID: docker/volume-bind-mount-permission-denied
82% fix rate
88% confidence
1 evidence item
2023-08-10 first seen
Version compatibility
| Version | Status | Introduced | Deprecated | Notes |
|---|---|---|---|---|
| Docker 20.10.22 | active | — | — | — |
| Docker 24.0.6 | active | — | — | — |
| RHEL 8 | active | — | — | — |
| Ubuntu 22.04 | active | — | — | — |
Root cause analysis
The host directory or file being bind-mounted has restrictive permissions or SELinux labels that prevent the Docker container from accessing it.
Official documentation
https://docs.docker.com/storage/bind-mounts/#configure-the-selinux-label
Solutions
- Add the `:Z` or `:z` suffix to the bind mount to relabel the SELinux context: `docker run -v /host/path:/container/path:Z myimage`
- Ensure the host directory has at least 755 permissions (`chmod 755 /host/path`) and the Docker daemon has read access. Then retry the mount.
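A pre-flight check covering both fixes above, added here as an example and not taken from Docker or from this entry's source. It goes one step beyond the text by also checking that every parent directory is traversable. The function names, the optional stop directory, and the use of GNU `stat` are assumptions; `container_file_t` is the type the container SELinux policy applies to relabelled content.

```shell
#!/bin/sh
# Added example: pre-flight audit of a bind-mount source (names are hypothetical).
# Assumes GNU coreutils `stat`; the 755 baseline comes from the fix above.

# Print the last octal digit of a mode, i.e. the bits granted to "other" users.
other_digit() { printf '%s' "${1#"${1%?}"}"; }

# check_bind_source ABS_PATH [STOP_DIR]: 0 = no finding, 1 = finding, 2 = bad input.
check_bind_source() {
    src=$1; stop=${2:-/}; rc=0
    case "$src" in /*) ;; *) echo "input: path must be absolute"; return 2 ;; esac
    [ -e "$src" ] || { echo "input: $src does not exist"; return 2; }

    # The source itself: directories need r-x for others, files need r.
    d=$(other_digit "$(stat -c %a "$src")")
    if [ -d "$src" ]; then
        case "$d" in 5|7) ;; *) echo "mode: $src lacks r-x for others"; rc=1 ;; esac
    else
        case "$d" in 4|5|6|7) ;; *) echo "mode: $src lacks r for others"; rc=1 ;; esac
    fi

    # Every parent directory needs x for others, or traversal fails.
    dir=$(dirname "$src")
    while :; do
        case "$(other_digit "$(stat -c %a "$dir")")" in
            1|3|5|7) ;;
            *) echo "mode: $dir lacks x for others"; rc=1 ;;
        esac
        if [ "$dir" = "$stop" ] || [ "$dir" = / ]; then break; fi
        dir=$(dirname "$dir")
    done

    # SELinux is consulted only when the host is enforcing.
    if command -v getenforce >/dev/null 2>&1 && [ "$(getenforce)" = Enforcing ]; then
        label=$(stat -c %C "$src")
        case "$label" in
            *:container_file_t:*) ;;
            *) echo "selinux: $src is labelled $label; use :z or :Z"; rc=1 ;;
        esac
    fi
    return "$rc"
}

if [ "$#" -gt 0 ]; then check_bind_source "$@"; fi
```

Run it as `sh check.sh /host/path` before `docker run`; each printed line names the path component and the kind of finding (`mode` or `selinux`).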
Ineffective attempts
Common but ineffective approaches:
- 85% failure: Even root inside the container may not bypass host SELinux or AppArmor policies; the mount itself is denied at the daemon level.
- 75% failure: The permission denied error occurs before the container process runs; it's a mount-time check, not a runtime access issue.