SELinux cause “Permission denied” issue in using docker

I am using docker on RHEL 7. After mounting host directory into container, some interesting things happen: Although I am a root user, and seem to have all permissions, but the system will prompt “Permission denied” when executing commands:

# docker run -v /root:/test --rm -it debian ls /test
ls: cannot open directory /test: Permission denied

Through tough investigations, I find the root cause is about SELinux:

# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

The current mode of SELinux is enforcing, and I get 2 solutions to resolve it now:


Add --privileged option in docker run command:

# docker run --privileged -v /root:/test --rm -it debian ls /test
Desktop    Pictures   anaconda-ks.cfg
Documents  Public     database    
Downloads  Templates  docker-oracle12c      sysdig
Music      Videos     initial-setup-ks.cfg


Set SELinux mode as permissive:

# setenforce 0
# docker run -v /root:/test --rm -it debian ls /test
Desktop    Downloads  Pictures  Templates  anaconda-ks.cfg  docker-oracle12c  sysdig
Documents  Music      Public    Videos     database         initial-setup-ks.cfg

Why does docker prompt “Permission denied” when backing up the data volume?;
Why does docker container prompt “Permission denied”?.


4 thoughts on “SELinux cause “Permission denied” issue in using docker”

  1. Did you try adding suffx ‘:z’ or ‘:Z’ to the volume mount?
    In your case, command would be
    docker run -v /root:/test:Z –rm -it debian ls /test

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.